piratas
/
nginx.d


			
				
					
						
						
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283
							## Configuração para sul.partidopirata.org
server {
  listen 80;
  listen [::]:80;
  server_name sul.partidopirata.org;
  return 301 https://sul.partidopirata.org$request_uri;
}
server {
  listen 80;
  listen [::]:80;
  server_name *.sul.partidopirata.org;
  return 301 http://sul.partidopirata.org$request_uri;
}

## SSL
server {
  listen 443 ssl;
  listen [::]:443 ssl;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_prefer_server_ciphers on;
  ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
  ssl_ecdh_curve secp384r1;
  ssl_session_cache shared:SSL:10m;
  ssl_session_tickets off;
  ssl_stapling on;
  ssl_stapling_verify on;
  resolver 208.67.220.220 208.67.222.222 valid=300s;
  resolver_timeout 5s;
  add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
  add_header X-Frame-Options SAMEORIGIN;
  add_header X-Content-Type-Options nosniff;
  ssl_certificate /etc/letsencrypt/live/partidopirata.org/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/partidopirata.org/privkey.pem;
  ssl_trusted_certificate /etc/letsencrypt/live/partidopirata.org/chain.pem;

  server_name sul.partidopirata.org;

  root /var/www/public_html/sulpartidopirataxyz/;

#  location ~ \.cgi {
#    fastcgi_pass unix:/tmp/fcgi.socket;
#    # Fastcgi parameters, include the standard ones
#    include /etc/nginx/fastcgi_params;
#    # Adjust non standard parameters (SCRIPT_FILENAME)
#    fastcgi_param SCRIPT_FILENAME $fastcgi_script_name;
#    fastcgi_param SCRIPT_NAME /ikiwiki.cgi;
#    fastcgi_param AUTH_USER $remote_user;
#    fastcgi_param REMOTE_USER $remote_user;
#  }
  location / {
    proxy_pass http://entwickler;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header X-Forwarded-Proto $scheme;
  }
}

## Tor
#server {
#  listen 127.0.0.1:42913;
#  allow 127.0.0.1;
#  deny all;
#
#  add_header X-Frame-Options SAMEORIGIN;
#  add_header X-Content-Type-Options nosniff;
#
#  server_name sultytmrawcxcnw3.onion;
#
#  root /var/www/public_html/sulpartidopirataxyz/;
#
#  location ~ \.cgi {
#    fastcgi_pass unix:/tmp/fcgi.socket;
#    # Fastcgi parameters, include the standard ones
#    include /etc/nginx/fastcgi_params;
#    # Adjust non standard parameters (SCRIPT_FILENAME)
#    fastcgi_param SCRIPT_FILENAME $fastcgi_script_name;
#    fastcgi_param SCRIPT_NAME /ikiwiki.cgi;
#    fastcgi_param AUTH_USER $remote_user;
#    fastcgi_param REMOTE_USER $remote_user;
#  }
#}