path: root/proxy/nginx.conf

#server {
#	server_name _;
#    listen   80 default_server;
#    # listen   443 default_server;
#    listen   [::]:80 default_server;
#    # listen   [::]:443 default_server;
#    return   444;
#}
server {
	listen 93.103.156.37:80;
	listen [::]:80;
	server_name .g.gimb.tk .gimsis.gimb.tk .zgimsis.gimb.tk .gimsisext.gimb.tk .gse.gimb.tk;
	return 301 https://zgimsis.gimb.tk$request_uri;
	port_in_redirect off;
	server_name_in_redirect off;
}
server {
	listen 93.103.156.37:443 ssl http2;
	listen [::]:443 ssl http2;
	ssl_certificate /etc/ssl/sslforfree/sg.crt;
	ssl_certificate_key /etc/ssl/sslforfree/sg.key;
	ssl_session_cache  builtin:1000  shared:SSL:10m;
	ssl_prefer_server_ciphers on;
	add_header Strict-Transport-Security "max-age=604800";
	#root /var/www/html;
	index index.php index.html index.htm index.nginx-debian.html;
	server_name .g.gimb.tk .gimsis.gimb.tk .zgimsis.gimb.tk .gimsisext.gimb.tk .gse.gimb.tk;
	location /gse/ {
		#try_files $uri $uri/ =404;
		proxy_pass       https://localhost:27443;
		proxy_set_header Host      $host;
		proxy_set_header X-Real-IP $remote_addr;
		set $cors '';
		set $both_conditions "";
		add_header "x-debug-location-gse" "triggered";
		if ($http_origin ~ \.?gimb\.tk$) {
			set $cors 'true';
			set $both_conditions "P";
			add_header "x-debug-http-origin-check" "passed";
		}
		if ($cors = 'true') {
			add_header "Access-Control-Allow-Origin" $http_origin always;
			add_header "Access-Control-Allow-Credentials" "true" always;
			add_header "Access-Control-Allow-Methods" "GET, POST, PATCH, PUT, DELETE, OPTIONS" always;
			add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
			add_header 'Access-Control-Expose-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
		}
		if ($request_method = 'OPTIONS') {
			set $both_conditions "${both_conditions}D";
		}
		if ($both_conditions = PD) {
			add_header "Access-Control-Allow-Origin" $http_origin always;
			add_header "Access-Control-Allow-Credentials" "true" always;
			add_header "Access-Control-Allow-Methods" "GET, POST, PATCH, PUT, DELETE, OPTIONS" always;
			add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
			add_header 'Access-Control-Expose-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
			add_header 'Access-Control-Max-Age' -1;
			add_header 'Content-Type' 'text/plain charset=UTF-8';
			add_header 'Content-Length' 0;
			return 204;
		}
	}
	location / {
		set $cors '';
		if ($http_origin ~ \.?gimb\.tk$) {
			set $cors 'true';
		}
		if ($cors = 'true') {
			add_header "Access-Control-Allow-Origin" $http_origin always;
			add_header "Access-Control-Allow-Credentials" "true" always;
			add_header "Access-Control-Allow-Methods" "GET, POST, PATCH, PUT, DELETE, OPTIONS" always;
			add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
			add_header 'Access-Control-Expose-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
		}
		if ($request_method = 'OPTIONS') {
			add_header 'Access-Control-Max-Age' 300;
			add_header 'Content-Type' 'text/plain charset=UTF-8';
			add_header 'Content-Length' 0;
			return 204;
		}
		return 301 https://zgimsis.gimb.tk/gse/;
	}
	#location ~ \.php$ {
	#	include snippets/fastcgi-php.conf;
	#	fastcgi_pass unix:/run/php/php7.3-fpm.sock;
	#}
	location ~ /\.ht {
		deny all;
	}
	port_in_redirect off;
	server_name_in_redirect off;
}
server {
	listen 93.103.156.37:80;
	listen [::]:80;
	server_name .la.gimb.tk .lopolisapi.gimb.tk .lopolis-api.gimb.tk;
	return 301 https://lopolis-api.gimb.tk$request_uri;
	port_in_redirect off;
	server_name_in_redirect off;
}
server {
	listen 93.103.156.37:443 ssl http2;
	listen [::]:443 ssl http2;
	ssl_certificate /etc/ssl/sslforfree/sg.crt;
	ssl_certificate_key /etc/ssl/sslforfree/sg.key;
	ssl_session_cache  builtin:1000  shared:SSL:10m;
	ssl_prefer_server_ciphers on;
	add_header Strict-Transport-Security "max-age=604800";
	#root /var/www/html;
	index index.php index.html index.htm index.nginx-debian.html;
	server_name .la.gimb.tk .lopolisapi.gimb.tk .lopolis-api.gimb.tk;
	location / {
		#try_files $uri $uri/ =404;
	    proxy_pass       http://localhost:44625;
	    proxy_set_header Host      $host;
	    proxy_set_header X-Real-IP $remote_addr;
	}
	#location / {
#		return 301 https://zgimsis.gimb.tk/gse/;
#	}
	#location ~ \.php$ {
	#	include snippets/fastcgi-php.conf;
	#	fastcgi_pass unix:/run/php/php7.3-fpm.sock;
	#}
	location ~ /\.ht {
		deny all;
	}
	add_header X-This-Is-Definetley-Not-Flask I-Really-Care-If-Someone-DoSes-This-/s;
	add_header X-I-Mean-If-Someone-Wants-To-DoS-Me They-Have-The-Power-To-Do-It;
	add_header X-Although-It-Is-Illegal-And-I Will-Report-You-To-SiCert-And-They-Will-Bit-Your-Ass;
	port_in_redirect off;
	server_name_in_redirect off;
}