summaryrefslogtreecommitdiffstats
path: root/server/proxy/nginx.conf
blob: 222b8d272b9dc7daa1a9f92b4288e223d0816b5f (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
#server {
#	server_name _;
#    listen   80 default_server;
#    # listen   443 default_server;
#    listen   [::]:80 default_server;
#    # listen   [::]:443 default_server;
#    return   444;
#}
server {
	listen 93.103.156.37:80;
	listen [::]:80;
	server_name .g.gimb.tk .gimsis.gimb.tk .zgimsis.gimb.tk .gimsisext.gimb.tk .gse.gimb.tk;
	return 301 https://zgimsis.gimb.tk$request_uri;
	port_in_redirect off;
	server_name_in_redirect off;
}
server {
	listen 93.103.156.37:443 ssl http2;
	listen [::]:443 ssl http2;
	ssl_certificate /etc/ssl/sslforfree/sg.crt;
	ssl_certificate_key /etc/ssl/sslforfree/sg.key;
	ssl_session_cache  builtin:1000  shared:SSL:10m;
	ssl_prefer_server_ciphers on;
	add_header Strict-Transport-Security "max-age=604800";
	#root /var/www/html;
	index index.php index.html index.htm index.nginx-debian.html;
	server_name .g.gimb.tk .gimsis.gimb.tk .zgimsis.gimb.tk .gimsisext.gimb.tk .gse.gimb.tk;
	location /gse/ {
		#try_files $uri $uri/ =404;
		proxy_pass       https://localhost:27443;
		proxy_set_header Host      $host;
		proxy_set_header X-Real-IP $remote_addr;
		set $cors '';
		set $both_conditions "";
		add_header "x-debug-location-gse" "triggered";
		if ($http_origin ~ \.?gimb\.tk$) {
			set $cors 'true';
			set $both_conditions "P";
			add_header "x-debug-http-origin-check" "passed";
		}
		if ($cors = 'true') {
			add_header "Access-Control-Allow-Origin" $http_origin always;
			add_header "Access-Control-Allow-Credentials" "true" always;
			add_header "Access-Control-Allow-Methods" "GET, POST, PATCH, PUT, DELETE, OPTIONS" always;
			add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
			add_header 'Access-Control-Expose-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
		}
		if ($request_method = 'OPTIONS') {
			set $both_conditions "${both_conditions}D";
		}
		if ($both_conditions = PD) {
			add_header "Access-Control-Allow-Origin" $http_origin always;
			add_header "Access-Control-Allow-Credentials" "true" always;
			add_header "Access-Control-Allow-Methods" "GET, POST, PATCH, PUT, DELETE, OPTIONS" always;
			add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
			add_header 'Access-Control-Expose-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
			add_header 'Access-Control-Max-Age' -1;
			add_header 'Content-Type' 'text/plain charset=UTF-8';
			add_header 'Content-Length' 0;
			return 204;
		}
	}
	location / {
		set $cors '';
		if ($http_origin ~ \.?gimb\.tk$) {
			set $cors 'true';
		}
		if ($cors = 'true') {
			add_header "Access-Control-Allow-Origin" $http_origin always;
			add_header "Access-Control-Allow-Credentials" "true" always;
			add_header "Access-Control-Allow-Methods" "GET, POST, PATCH, PUT, DELETE, OPTIONS" always;
			add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
			add_header 'Access-Control-Expose-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,Authorization' always;
		}
		if ($request_method = 'OPTIONS') {
			add_header 'Access-Control-Max-Age' 300;
			add_header 'Content-Type' 'text/plain charset=UTF-8';
			add_header 'Content-Length' 0;
			return 204;
		}
		return 301 https://zgimsis.gimb.tk/gse/;
	}
	#location ~ \.php$ {
	#	include snippets/fastcgi-php.conf;
	#	fastcgi_pass unix:/run/php/php7.3-fpm.sock;
	#}
	location ~ /\.ht {
		deny all;
	}
	port_in_redirect off;
	server_name_in_redirect off;
}
server {
	listen 93.103.156.37:80;
	listen [::]:80;
	server_name .la.gimb.tk .lopolisapi.gimb.tk .lopolis-api.gimb.tk;
	return 301 https://lopolis-api.gimb.tk$request_uri;
	port_in_redirect off;
	server_name_in_redirect off;
}
server {
	listen 93.103.156.37:443 ssl http2;
	listen [::]:443 ssl http2;
	ssl_certificate /etc/ssl/sslforfree/sg.crt;
	ssl_certificate_key /etc/ssl/sslforfree/sg.key;
	ssl_session_cache  builtin:1000  shared:SSL:10m;
	ssl_prefer_server_ciphers on;
	add_header Strict-Transport-Security "max-age=604800";
	#root /var/www/html;
	index index.php index.html index.htm index.nginx-debian.html;
	server_name .la.gimb.tk .lopolisapi.gimb.tk .lopolis-api.gimb.tk;
	location / {
		#try_files $uri $uri/ =404;
	    proxy_pass       http://localhost:44625;
	    proxy_set_header Host      $host;
	    proxy_set_header X-Real-IP $remote_addr;
	}
	#location / {
#		return 301 https://zgimsis.gimb.tk/gse/;
#	}
	#location ~ \.php$ {
	#	include snippets/fastcgi-php.conf;
	#	fastcgi_pass unix:/run/php/php7.3-fpm.sock;
	#}
	location ~ /\.ht {
		deny all;
	}
	add_header X-This-Is-Definetley-Not-Flask I-Really-Care-If-Someone-DoSes-This-/s;
	add_header X-I-Mean-If-Someone-Wants-To-DoS-Me They-Have-The-Power-To-Do-It;
	add_header X-Although-It-Is-Illegal-And-I Will-Report-You-To-SiCert-And-They-Will-Bit-Your-Ass;
	port_in_redirect off;
	server_name_in_redirect off;
}