wiki.conf 3.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115
  1. ## Configuração para wiki.partidopirata.org
  2. server {
  3. listen 80;
  4. listen [::]:80;
  5. server_name wiki.partidopirata.org;
  6. return 301 https://wiki.partidopirata.org$request_uri;
  7. }
  8. server {
  9. listen 80;
  10. listen [::]:80;
  11. server_name *.wiki.partidopirata.org;
  12. return 301 http://wiki.partidopirata.org$request_uri;
  13. }
  14. ## SSL
  15. server {
  16. listen 443 ssl;
  17. listen [::]:443 ssl;
  18. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  19. ssl_prefer_server_ciphers on;
  20. ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
  21. ssl_ecdh_curve secp384r1;
  22. ssl_session_cache shared:SSL:10m;
  23. ssl_session_tickets off;
  24. ssl_stapling on;
  25. ssl_stapling_verify on;
  26. resolver 208.67.220.220 208.67.222.222 valid=300s;
  27. resolver_timeout 5s;
  28. add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
  29. add_header X-Frame-Options SAMEORIGIN;
  30. add_header X-Content-Type-Options nosniff;
  31. ssl_certificate /etc/letsencrypt/live/partidopirata.org-0001/fullchain.pem;
  32. ssl_certificate_key /etc/letsencrypt/live/partidopirata.org-0001/privkey.pem;
  33. ssl_trusted_certificate /etc/letsencrypt/live/partidopirata.org-0001/chain.pem;
  34. server_name wiki.partidopirata.org;
  35. root /var/www/public_html/partidopirataxyz/;
  36. client_max_body_size 1228M;
  37. client_body_timeout 360s;
  38. location / {
  39. error_page 404 @ikiwiki404;
  40. }
  41. location ~ \.cgi {
  42. fastcgi_pass unix:/tmp/fcgi.socket;
  43. # Fastcgi parameters, include the standard ones
  44. include /etc/nginx/fastcgi_params;
  45. # Adjust non standard parameters (SCRIPT_FILENAME)
  46. fastcgi_param SCRIPT_FILENAME /var/www/public_html/partidopirataxyz/ikiwiki.cgi;
  47. fastcgi_param SCRIPT_NAME /ikiwiki.cgi;
  48. fastcgi_param AUTH_USER $remote_user;
  49. fastcgi_param REMOTE_USER $remote_user;
  50. fastcgi_index ikiwiki.cgi;
  51. fastcgi_param DOCUMENT_ROOT /var/www/public_html/partidopirataxyz/;
  52. fastcgi_read_timeout 300;
  53. }
  54. location @ikiwiki404 {
  55. fastcgi_pass unix:/tmp/fcgi.socket;
  56. fastcgi_index ikiwiki.cgi;
  57. fastcgi_param DOCUMENT_ROOT /var/www/public_html/partidopirataxyz/;
  58. fastcgi_param SCRIPT_FILENAME /var/www/public_html/partidopirataxyz/ikiwiki.cgi;
  59. fastcgi_param QUERY_STRING "";
  60. fastcgi_param REQUEST_METHOD "get";
  61. fastcgi_param REDIRECT_STATUS 404;
  62. fastcgi_param REDIRECT_URL $uri;
  63. include /etc/nginx/fastcgi_params;
  64. }
  65. }
  66. ## Tor
  67. server {
  68. listen 127.0.0.1:42914;
  69. allow 127.0.0.1;
  70. deny all;
  71. add_header X-Frame-Options SAMEORIGIN;
  72. add_header X-Content-Type-Options nosniff;
  73. server_name wikibvg7ty3xsboc.onion;
  74. root /var/www/public_html/partidopirataxyz/;
  75. client_max_body_size 1228M;
  76. client_body_timeout 360s;
  77. location / {
  78. error_page 404 @ikiwiki404;
  79. }
  80. location ~ \.cgi {
  81. fastcgi_pass unix:/tmp/fcgi.socket;
  82. # Fastcgi parameters, include the standard ones
  83. include /etc/nginx/fastcgi_params;
  84. # Adjust non standard parameters (SCRIPT_FILENAME)
  85. fastcgi_param SCRIPT_FILENAME /var/www/public_html/partidopirataxyz/ikiwiki.cgi;
  86. fastcgi_param SCRIPT_NAME /ikiwiki.cgi;
  87. fastcgi_param AUTH_USER $remote_user;
  88. fastcgi_param REMOTE_USER $remote_user;
  89. fastcgi_index ikiwiki.cgi;
  90. fastcgi_param DOCUMENT_ROOT /var/www/public_html/partidopirataxyz/;
  91. fastcgi_read_timeout 300;
  92. }
  93. location @ikiwiki404 {
  94. fastcgi_pass unix:/tmp/fcgi.socket;
  95. fastcgi_index ikiwiki.cgi;
  96. fastcgi_param DOCUMENT_ROOT /var/www/public_html/partidopirataxyz/;
  97. fastcgi_param SCRIPT_FILENAME /var/www/public_html/partidopirataxyz/ikiwiki.cgi;
  98. fastcgi_param QUERY_STRING "";
  99. fastcgi_param REQUEST_METHOD "get";
  100. fastcgi_param REDIRECT_STATUS 404;
  101. fastcgi_param REDIRECT_URL $uri;
  102. include /etc/nginx/fastcgi_params;
  103. }
  104. }