diff options
Diffstat (limited to 'var/jail/www/usr/local/etc')
| -rw-r--r-- | var/jail/www/usr/local/etc/cgitrc | 83 | ||||
| -rw-r--r-- | var/jail/www/usr/local/etc/nginx/nginx.conf | 144 |
2 files changed, 227 insertions, 0 deletions
diff --git a/var/jail/www/usr/local/etc/cgitrc b/var/jail/www/usr/local/etc/cgitrc new file mode 100644 index 0000000..cb8da04 --- /dev/null +++ b/var/jail/www/usr/local/etc/cgitrc @@ -0,0 +1,83 @@ +# +# cgit config +# + +css=/css/cgit.css +logo=/img/cgit.png +favicon=/img/favicon.ico + +# if you do not want that webcrawler (like google) index your site +robots=index, nofollow + +# if cgit messes up links, use a virtual-root. For example, cgit.example.org/ has this value: +virtual-root=/ + +root-title=GitJoe +root-desc=where the good code belongs +root-readme=/var/www/gitjoe/about.html +footer=/var/www/gitjoe/footer.html + +clone-url=git://gitjoe.xyz/$CGIT_REPO_URL + +enable-blame=0 +enable-commit-graph=1 +enable-filter-overrides=1 +enable-follow-links=1 +enable-git-config=0 +enable-http-clone=0 +enable-http-serving=0 +enable-index-links=0 +enable-index-owner=0 +enable-log-filecount=1 +enable-log-linecount=1 +enable-remote-branches=1 +enable-subject-links=1 +enable-tree-linenumbers=1 + +branch-sort=age +repository-sort=name +local-time=0 +strict-export=git-daemon-export-ok +remove-suffix=1 +side-by-side-diffs=0 +section-sort=1 +section-from-path=1 + +cache-size=0 + +about-filter=/usr/local/lib/cgit/filters/about-formatting-edited.sh +source-filter=/usr/local/lib/cgit/filters/syntax-highlighting-edited.sh + +snapshots=tar.zst tar.gz tar.bz2 tar.xz zip +max-stats=year + +readme=:README.md +readme=:readme.md +readme=:README.org +readme=:readme.org +readme=:README.mkd +readme=:readme.mkd +readme=:README.html +readme=:readme.html +readme=:README.htm +readme=:readme.htm +readme=:README.txt +readme=:readme.txt +readme=:README +readme=:readme +readme=:INSTALL.md +readme=:install.md +readme=:INSTALL.org +readme=:install.org +readme=:INSTALL.mkd +readme=:install.mkd +readme=:INSTALL.html +readme=:install.html +readme=:INSTALL.htm +readme=:install.htm +readme=:INSTALL.txt +readme=:install.txt +readme=:INSTALL +readme=:install + +scan-path=/var/mnt/git diff --git a/var/jail/www/usr/local/etc/nginx/nginx.conf b/var/jail/www/usr/local/etc/nginx/nginx.conf new file mode 100644 index 0000000..869ff4d --- /dev/null +++ b/var/jail/www/usr/local/etc/nginx/nginx.conf @@ -0,0 +1,144 @@ +worker_processes 1; + +events { + worker_connections 1024; +} + +http { + include mime.types; + default_type application/octet-stream; + sendfile on; + keepalive_timeout 65; + gzip on; + gzip_vary on; + gzip_min_length 1k; + gzip_proxied expired no-cache no-store private auth; + gzip_buffers 4 16k; + gzip_http_version 1.1; + gzip_comp_level 2; + gzip_types text/plain application/x-javascript application/javascript text/css application/xml application/json; + + map $sent_http_content_type $expires { + default off; + text/css 15m; + application/javascript 15m; + ~image/ 15m; + } + +# JOZAN + + server{ + server_name jozan.org; + root /var/www/joe; + index index.html; + expires $expires; + + location / { + try_files $uri $uri/ =404; + } + location ~ /\.ht { + deny all; + } + location ~ \.cgi$ { + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root/asm-example.cgi; + fastcgi_param PATH_INFO $uri; + fastcgi_param HTTP_HOST $server_name; + fastcgi_pass unix:/var/run/fcgiwrap/fcgiwrap.sock; + } + error_page 403 /403.html; + location = /403.html { + root /var/www/joe/err; + } + error_page 404 /404.html; + location = /404.html { + root /var/www/joe/err; + } + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/local/www/nginx-dist; + } + + listen 443 ssl; # managed by Certbot + ssl_certificate /usr/local/etc/letsencrypt/live/jozan.org/fullchain.pem; # managed by Certbot + ssl_certificate_key /usr/local/etc/letsencrypt/live/jozan.org/privkey.pem; # managed by Certbot + include /usr/local/etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /usr/local/etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + + +} + +# GITJOE + + server { + server_name gitjoe.xyz; + root /var/www/gitjoe; + try_files $uri @cgit; + index cgit.cgi; + + location @cgit { + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root/cgit.cgi; + fastcgi_param PATH_INFO $uri; + fastcgi_param QUERY_STRING $args; + fastcgi_param HTTP_HOST $server_name; + fastcgi_param CGIT_CONFIG /usr/local/etc/cgitrc; + fastcgi_pass unix:/var/run/fcgiwrap/fcgiwrap.sock; + + gzip off; + rewrite ^/([^/]+/.*)?$ /cgit.cgi?url=$1 break; + } + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/local/www/nginx-dist; + } + + listen 443 ssl; + + ssl_certificate /usr/local/etc/letsencrypt/live/jozan.org/fullchain.pem; # managed by Certbot + ssl_certificate_key /usr/local/etc/letsencrypt/live/jozan.org/privkey.pem; # managed by Certbot +} + +# REDIRECT 80 to 443 + +server{ + if ($host = jozan.org) { + return 301 https://$host$request_uri; + } + + + if ($host = www.jozanofastora.xyz) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + if ($host = jozanofastora.xyz) { + return 301 https://$host$request_uri; + } # managed by Certbot + + + if ($host = www.jozan.org) { + return 301 https://$host$request_uri; + } # managed by Certbot + + if ($host = gitjoe.xyz) { + return 301 https://$host$request_uri; + } # managed by Certbot + + server_name jozan.org www.jozan.org jozanofastora.xyz www.jozanofastora.xyz gitjoe.xyz; + listen 80; + return 404; +} + +# REDIRECT 443 to JOZAN 443 + +server{ + listen 443 ssl; + server_name www.jozan.org jozanofastora.xyz www.jozanofastora.xyz; + return 301 $scheme://jozan.org$request_uri; + ssl_certificate /usr/local/etc/letsencrypt/live/jozan.org/fullchain.pem; # managed by Certbot + ssl_certificate_key /usr/local/etc/letsencrypt/live/jozan.org/privkey.pem; # managed by Certbot + include /usr/local/etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /usr/local/etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot +} +} |