updated nginx state
This commit is contained in:
parent
ca43b00bcf
commit
ee05a512bc
@ -16,16 +16,19 @@ types {
|
|||||||
text/vnd.wap.wml wml;
|
text/vnd.wap.wml wml;
|
||||||
text/x-component htc;
|
text/x-component htc;
|
||||||
|
|
||||||
|
image/avif avif;
|
||||||
image/png png;
|
image/png png;
|
||||||
|
image/svg+xml svg svgz;
|
||||||
image/tiff tif tiff;
|
image/tiff tif tiff;
|
||||||
image/vnd.wap.wbmp wbmp;
|
image/vnd.wap.wbmp wbmp;
|
||||||
|
image/webp webp;
|
||||||
image/x-icon ico;
|
image/x-icon ico;
|
||||||
image/x-jng jng;
|
image/x-jng jng;
|
||||||
image/x-ms-bmp bmp;
|
image/x-ms-bmp bmp;
|
||||||
image/svg+xml svg svgz;
|
|
||||||
image/webp webp;
|
|
||||||
|
|
||||||
application/font-woff woff;
|
font/woff woff;
|
||||||
|
font/woff2 woff2;
|
||||||
|
|
||||||
application/java-archive jar war ear;
|
application/java-archive jar war ear;
|
||||||
application/json json;
|
application/json json;
|
||||||
application/mac-binhex40 hqx;
|
application/mac-binhex40 hqx;
|
||||||
@ -33,12 +36,21 @@ types {
|
|||||||
application/pdf pdf;
|
application/pdf pdf;
|
||||||
application/postscript ps eps ai;
|
application/postscript ps eps ai;
|
||||||
application/rtf rtf;
|
application/rtf rtf;
|
||||||
|
application/vnd.apple.mpegurl m3u8;
|
||||||
|
application/vnd.google-earth.kml+xml kml;
|
||||||
|
application/vnd.google-earth.kmz kmz;
|
||||||
application/vnd.ms-excel xls;
|
application/vnd.ms-excel xls;
|
||||||
application/vnd.ms-fontobject eot;
|
application/vnd.ms-fontobject eot;
|
||||||
application/vnd.ms-powerpoint ppt;
|
application/vnd.ms-powerpoint ppt;
|
||||||
|
application/vnd.oasis.opendocument.graphics odg;
|
||||||
|
application/vnd.oasis.opendocument.presentation odp;
|
||||||
|
application/vnd.oasis.opendocument.spreadsheet ods;
|
||||||
|
application/vnd.oasis.opendocument.text odt;
|
||||||
|
application/vnd.openxmlformats-officedocument.presentationml.presentation pptx;
|
||||||
|
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx;
|
||||||
|
application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
|
||||||
application/vnd.wap.wmlc wmlc;
|
application/vnd.wap.wmlc wmlc;
|
||||||
application/vnd.google-earth.kml+xml kml;
|
application/wasm wasm;
|
||||||
application/vnd.google-earth.kmz kmz;
|
|
||||||
application/x-7z-compressed 7z;
|
application/x-7z-compressed 7z;
|
||||||
application/x-cocoa cco;
|
application/x-cocoa cco;
|
||||||
application/x-java-archive-diff jardiff;
|
application/x-java-archive-diff jardiff;
|
||||||
@ -55,6 +67,7 @@ types {
|
|||||||
application/x-x509-ca-cert der pem crt;
|
application/x-x509-ca-cert der pem crt;
|
||||||
application/x-xpinstall xpi;
|
application/x-xpinstall xpi;
|
||||||
application/xhtml+xml xhtml;
|
application/xhtml+xml xhtml;
|
||||||
|
application/xspf+xml xspf;
|
||||||
application/zip zip;
|
application/zip zip;
|
||||||
|
|
||||||
application/octet-stream bin exe dll;
|
application/octet-stream bin exe dll;
|
||||||
@ -63,10 +76,6 @@ types {
|
|||||||
application/octet-stream iso img;
|
application/octet-stream iso img;
|
||||||
application/octet-stream msi msp msm;
|
application/octet-stream msi msp msm;
|
||||||
|
|
||||||
application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
|
|
||||||
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx;
|
|
||||||
application/vnd.openxmlformats-officedocument.presentationml.presentation pptx;
|
|
||||||
|
|
||||||
audio/midi mid midi kar;
|
audio/midi mid midi kar;
|
||||||
audio/mpeg mp3;
|
audio/mpeg mp3;
|
||||||
audio/ogg ogg;
|
audio/ogg ogg;
|
||||||
@ -74,6 +83,7 @@ types {
|
|||||||
audio/x-realaudio ra;
|
audio/x-realaudio ra;
|
||||||
|
|
||||||
video/3gpp 3gpp 3gp;
|
video/3gpp 3gpp 3gp;
|
||||||
|
video/mp2t ts;
|
||||||
video/mp4 mp4;
|
video/mp4 mp4;
|
||||||
video/mpeg mpeg mpg;
|
video/mpeg mpeg mpg;
|
||||||
video/quicktime mov;
|
video/quicktime mov;
|
||||||
@ -84,4 +94,4 @@ types {
|
|||||||
video/x-ms-asf asx asf;
|
video/x-ms-asf asx asf;
|
||||||
video/x-ms-wmv wmv;
|
video/x-ms-wmv wmv;
|
||||||
video/x-msvideo avi;
|
video/x-msvideo avi;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -4,7 +4,9 @@ add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; prelo
|
|||||||
add_header X-Content-Type-Options nosniff;
|
add_header X-Content-Type-Options nosniff;
|
||||||
add_header X-Frame-Options DENY;
|
add_header X-Frame-Options DENY;
|
||||||
add_header X-XSS-Protection "1; mode=block";
|
add_header X-XSS-Protection "1; mode=block";
|
||||||
|
|
||||||
resolver_timeout 5s;
|
resolver_timeout 5s;
|
||||||
|
|
||||||
ssl_certificate /etc/acme/certs/paulbsd.com.cert;
|
ssl_certificate /etc/acme/certs/paulbsd.com.cert;
|
||||||
ssl_certificate_key /etc/acme/keys/paulbsd.com.key;
|
ssl_certificate_key /etc/acme/keys/paulbsd.com.key;
|
||||||
ssl_ciphers EECDH+AESGCM:EECDH+CHACHA20;
|
ssl_ciphers EECDH+AESGCM:EECDH+CHACHA20;
|
||||||
|
|||||||
@ -32,6 +32,10 @@ server {
|
|||||||
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
|
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
location ~* .(png|ico|gif|jpg|jpeg|css|js|svg)$ {
|
||||||
|
expires 2d;
|
||||||
|
}
|
||||||
|
|
||||||
location /robots.txt {
|
location /robots.txt {
|
||||||
return 200 "User-agent: *\r\nDisallow: /";
|
return 200 "User-agent: *\r\nDisallow: /";
|
||||||
}
|
}
|
||||||
|
|||||||
@ -55,6 +55,10 @@ server {
|
|||||||
try_files $1 =404;
|
try_files $1 =404;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
location ~* .(png|ico|gif|jpg|jpeg|css|js|svg)$ {
|
||||||
|
expires 2d;
|
||||||
|
}
|
||||||
|
|
||||||
location /robots.txt {
|
location /robots.txt {
|
||||||
return 200 "User-agent: *\r\nDisallow: /";
|
return 200 "User-agent: *\r\nDisallow: /";
|
||||||
}
|
}
|
||||||
|
|||||||
@ -32,6 +32,10 @@ server {
|
|||||||
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
|
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
location ~* .(png|ico|gif|jpg|jpeg|css|js|svg)$ {
|
||||||
|
expires 2d;
|
||||||
|
}
|
||||||
|
|
||||||
location /robots.txt {
|
location /robots.txt {
|
||||||
return 200 "User-agent: *\r\nDisallow: /";
|
return 200 "User-agent: *\r\nDisallow: /";
|
||||||
}
|
}
|
||||||
|
|||||||
@ -1,49 +0,0 @@
|
|||||||
## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }}
|
|
||||||
|
|
||||||
server {
|
|
||||||
include http;
|
|
||||||
server_name {{ vhost_name }};
|
|
||||||
return 301 https://$server_name$request_uri;
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
include https;
|
|
||||||
{%- if internal %}
|
|
||||||
#include access;
|
|
||||||
if ($allow = 0) {
|
|
||||||
return 403;
|
|
||||||
}
|
|
||||||
{%- endif %}
|
|
||||||
server_name {{ vhost_name }};
|
|
||||||
{%- if not proxy %}
|
|
||||||
root "{{ root_dir }}";
|
|
||||||
ssl_certificate /etc/acme/certs/services-rd.cert;
|
|
||||||
ssl_certificate_key /etc/acme/keys/services-rd.key;
|
|
||||||
{%- endif %}
|
|
||||||
|
|
||||||
location / {
|
|
||||||
{%- if proxy %}
|
|
||||||
proxy_pass {{ proxy_pass }};
|
|
||||||
{%- if not cache %}
|
|
||||||
proxy_no_cache 1;
|
|
||||||
proxy_cache_bypass 1;
|
|
||||||
{%- endif %}
|
|
||||||
{%- endif %}
|
|
||||||
{%- if autoindex %}
|
|
||||||
autoindex on;
|
|
||||||
autoindex_localtime on;
|
|
||||||
{%- else %}
|
|
||||||
index index.html;
|
|
||||||
{% endif %}
|
|
||||||
}
|
|
||||||
|
|
||||||
{%- for dir in dirs %}
|
|
||||||
location {{ dir.name }} {
|
|
||||||
alias {{ dir.alias }};
|
|
||||||
}
|
|
||||||
{%- endfor %}
|
|
||||||
|
|
||||||
location /robots.txt {
|
|
||||||
return 200 "User-agent: *\r\nDisallow: /";
|
|
||||||
}
|
|
||||||
}
|
|
||||||
@ -51,9 +51,17 @@ server {
|
|||||||
{%- for dir in dirs %}
|
{%- for dir in dirs %}
|
||||||
location {{ dir.name }} {
|
location {{ dir.name }} {
|
||||||
alias {{ dir.alias }};
|
alias {{ dir.alias }};
|
||||||
|
|
||||||
|
location ~* .(png|ico|gif|jpg|jpeg|css|js|svg)$ {
|
||||||
|
expires 2d;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
{%- endfor %}
|
{%- endfor %}
|
||||||
|
|
||||||
|
location ~* .(png|ico|gif|jpg|jpeg|css|js|svg)$ {
|
||||||
|
expires 2d;
|
||||||
|
}
|
||||||
|
|
||||||
location /robots.txt {
|
location /robots.txt {
|
||||||
return 200 "User-agent: *\r\nDisallow: /";
|
return 200 "User-agent: *\r\nDisallow: /";
|
||||||
}
|
}
|
||||||
|
|||||||
@ -28,6 +28,10 @@ server {
|
|||||||
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
|
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
location ~* .(png|ico|gif|jpg|jpeg|css|js|svg)$ {
|
||||||
|
expires 2d;
|
||||||
|
}
|
||||||
|
|
||||||
location /robots.txt {
|
location /robots.txt {
|
||||||
return 200 "User-agent: *\r\nDisallow: /";
|
return 200 "User-agent: *\r\nDisallow: /";
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user