dev.conf 3.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123
  1. ## Configuração para partidopirata.org
  2. server {
  3. listen 80;
  4. listen [::]:80;
  5. server_name dev.partidopirata.org;
  6. root /var/www/www/default/;
  7. index index.php index.html index.htm;
  8. location / {
  9. proxy_pass http://docker7;
  10. proxy_set_header Host $host;
  11. proxy_set_header X-Forwarded-For $remote_addr;
  12. proxy_set_header X-Forwarded-Proto $scheme;
  13. }
  14. location ~ /\.ht {
  15. deny all;
  16. }
  17. }
  18. server {
  19. listen 80;
  20. listen [::]:80;
  21. server_name www.dev.partidopirata.org;
  22. return 301 http://dev.partidopirata.org$request_uri;
  23. }
  24. server {
  25. listen 80;
  26. listen [::]:80;
  27. server_name *.dev.partidopirata.org;
  28. return 301 http://dev.partidopirata.org$request_uri;
  29. }
  30. server {
  31. listen 80;
  32. listen [::]:80;
  33. server_name *.www.dev.partidopirata.org;
  34. return 301 http://dev.partidopirata.org$request_uri;
  35. }
  36. ## SSL
  37. server {
  38. listen 443 ssl;
  39. listen [::]:443 ssl;
  40. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  41. ssl_prefer_server_ciphers on;
  42. ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
  43. ssl_ecdh_curve secp384r1;
  44. ssl_session_cache shared:SSL:10m;
  45. ssl_session_tickets off;
  46. ssl_stapling on;
  47. ssl_stapling_verify on;
  48. resolver 208.67.220.220 208.67.222.222 valid=300s;
  49. resolver_timeout 5s;
  50. add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
  51. add_header X-Frame-Options SAMEORIGIN;
  52. add_header X-Content-Type-Options nosniff;
  53. ssl_certificate /etc/letsencrypt/live/partidopirata.org-0001/fullchain.pem;
  54. ssl_certificate_key /etc/letsencrypt/live/partidopirata.org-0001/privkey.pem;
  55. ssl_trusted_certificate /etc/letsencrypt/live/partidopirata.org-0001/chain.pem;
  56. server_name dev.partidopirata.org;
  57. root /var/www/www/default/;
  58. index index.php index.html index.htm;
  59. location / {
  60. proxy_pass http://docker7;
  61. proxy_set_header Host $host;
  62. proxy_set_header X-Forwarded-For $remote_addr;
  63. proxy_set_header X-Forwarded-Proto $scheme;
  64. }
  65. location ~ /\.ht {
  66. deny all;
  67. }
  68. }
  69. server {
  70. listen 443 ssl;
  71. listen [::]:443 ssl;
  72. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  73. ssl_prefer_server_ciphers on;
  74. ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
  75. ssl_ecdh_curve secp384r1;
  76. ssl_session_cache shared:SSL:10m;
  77. ssl_session_tickets off;
  78. ssl_stapling on;
  79. ssl_stapling_verify on;
  80. resolver 208.67.220.220 208.67.222.222 valid=300s;
  81. resolver_timeout 5s;
  82. add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
  83. add_header X-Frame-Options SAMEORIGIN;
  84. add_header X-Content-Type-Options nosniff;
  85. ssl_certificate /etc/letsencrypt/live/partidopirata.org-0001/fullchain.pem;
  86. ssl_certificate_key /etc/letsencrypt/live/partidopirata.org-0001/privkey.pem;
  87. ssl_trusted_certificate /etc/letsencrypt/live/partidopirata.org-0001/chain.pem;
  88. server_name www.dev.partidopirata.org;
  89. return 301 https://dev.partidopirata.org$request_uri;
  90. }
  91. ## Tor
  92. #server {
  93. # listen 127.0.0.1:42987;
  94. # allow 127.0.0.1;
  95. # deny all;
  96. #
  97. # add_header X-Frame-Options SAMEORIGIN;
  98. # add_header X-Content-Type-Options nosniff;
  99. #
  100. # server_name piratasxmu4ven46.onion;
  101. #
  102. # root /var/www/www/default/;
  103. # index index.php index.html index.htm;
  104. # location / {
  105. # proxy_pass http://docker7;
  106. # proxy_set_header Host $host;
  107. # proxy_set_header X-Forwarded-For $remote_addr;
  108. # proxy_set_header X-Forwarded-Proto $scheme;
  109. # }
  110. # location ~ /\.ht {
  111. # deny all;
  112. # }
  113. #}