format nginx configuration file

DejavuMoe · May 13, 2023 · 4608b9f · 4608b9f
1 parent 9261f55
commit 4608b9f
Show file tree

Hide file tree

Showing 3 changed files with 91 additions and 91 deletions.
diff --git a/cgit/cgit.nginx b/cgit/cgit.nginx
@@ -1,46 +1,46 @@
 server {
     listen [::]:80;
     listen 80;
-    server_name  git.xvo.es;
+    server_name git.yourdomain.com;
     return 301 https://$server_name$request_uri;
 }
 
 server {
     listen [::]:443 ssl http2;
     listen 443 ssl http2;
-    server_name  git.xvo.es;
+    server_name git.yourdomain.com;
 
-    # SSL 证书
-    ssl_certificate /etc/nginx/cert/git.xvo.es.pem;
-    ssl_certificate_key /etc/nginx/cert/git.xvo.es.key;
+    # SSL Certificate Path
+    ssl_certificate /etc/nginx/cert/git.yourdomain.com.pem;
+    ssl_certificate_key /etc/nginx/cert/git.yourdomain.com.key;
 
-    # SSL 安全套件
+    # SSL Security
     ssl_protocols TLSv1.2 TLSv1.3;
     ssl_prefer_server_ciphers on;
     ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256;
-    
+
     ssl_session_timeout 1d;
     ssl_session_cache shared:SSL:10m;
 
-    # 日志路径
-    access_log  /var/log/nginx/cgit-access.log;
-    error_log   /var/log/nginx/cgit-error.log;
+    # Site Log path
+    access_log /var/log/nginx/cgit-access.log;
+    error_log /var/log/nginx/cgit-error.log;
 
     root /var/www/cgit;
     try_files $uri @cgit;
     client_max_body_size 10m;
 
     location @cgit {
-        include          fastcgi_params;
-        # cgit 的 CGI 脚本路径
-        fastcgi_param    SCRIPT_FILENAME /var/www/cgit/cgit.cgi;
-        fastcgi_param    DOCUMENT_ROOT   /usr/lib/git-core;
-        fastcgi_pass     unix:/var/run/fcgiwrap.socket;
-        fastcgi_param    PATH_INFO    $uri;
-        fastcgi_param    QUERY_STRING $args;
-        fastcgi_param    HTTP_HOST    $server_name;
-        fastcgi_param    GIT_HTTP_EXPORT_ALL   "";
-        fastcgi_param    GIT_PROJECT_ROOT   /home/git;
+        include fastcgi_params;
+        # cgit's CGI script path
+        fastcgi_param SCRIPT_FILENAME /var/www/cgit/cgit.cgi;
+        fastcgi_param DOCUMENT_ROOT /usr/lib/git-core;
+        fastcgi_pass unix:/var/run/fcgiwrap.socket;
+        fastcgi_param PATH_INFO $uri;
+        fastcgi_param QUERY_STRING $args;
+        fastcgi_param HTTP_HOST $server_name;
+        fastcgi_param GIT_HTTP_EXPORT_ALL "";
+        fastcgi_param GIT_PROJECT_ROOT /home/git;
 
         if ($arg_service = git-receive-pack) {
             rewrite (/.*) /git_write/$1 last;
@@ -64,8 +64,8 @@ server {
     }
 
     location ~ /git_write/(.*) {
-        # HTTP 基本认证
-        auth_basic "Require password to push to git.xvo.es:";
+        # HTTP Basic Authentication
+        auth_basic "Authentication Required To Push";
         auth_basic_user_file /etc/nginx/.htpasswd;
         include git-http-backend.conf;
     }

diff --git a/gotosocial/gotosocial.nginx b/gotosocial/gotosocial.nginx
@@ -1,82 +1,82 @@
 server {
-  listen 80;
-  listen [::]:80;
-  server_name yourdomain.com;
-  return 301 https://$server_name$request_uri;
+    listen 80;
+    listen [::]:80;
+    server_name yourdomain.com;
+    return 301 https://$server_name$request_uri;
 }
 
 server {
-  listen 443 ssl http2;
-  listen [::]:443 ssl http2;
-  server_name yourdomain.com;
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name yourdomain.com;
 
-  ssl_certificate     /etc/nginx/cert/yourdomain.com.pem;
-  ssl_certificate_key /etc/nginx/cert/yourdomain.com.key;
+    ssl_certificate     /etc/nginx/cert/yourdomain.com.pem;
+    ssl_certificate_key /etc/nginx/cert/yourdomain.com.key;
+
+    location ~ /.well-known/(webfinger|host-meta)$ {
+        proxy_set_header Host $host;
+        proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_set_header X-Forwarded-Proto $scheme;
 
-  location ~ /.well-known/(webfinger|host-meta)$ {
-    proxy_set_header Host $host;
-    proxy_set_header X-Forwarded-For $remote_addr;
-    proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_cache gotosocial_ap_public_responses;
+        proxy_cache_background_update on;
+        proxy_cache_key $scheme://$host$uri$is_args$query_string;
+        proxy_cache_valid 200 10m;
+        proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504 http_429;
+        proxy_cache_lock on;
+        add_header X-Cache-Status $upstream_cache_status;
 
-    proxy_cache gotosocial_ap_public_responses;
-    proxy_cache_background_update on;
-    proxy_cache_key $scheme://$host$uri$is_args$query_string;
-    proxy_cache_valid 200 10m;
-    proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504 http_429;
-    proxy_cache_lock on;
-    add_header X-Cache-Status $upstream_cache_status;
+        proxy_pass http://127.0.0.1:8788;
+    }
 
-    proxy_pass http://127.0.0.1:8788;
-  }
+    location ~ ^\/users\/(?:[a-z0-9_\.]+)\/main-key$ {
+        proxy_set_header Host $host;
+        proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_set_header X-Forwarded-Proto $scheme;
 
-  location ~ ^\/users\/(?:[a-z0-9_\.]+)\/main-key$ {
-    proxy_set_header Host $host;
-    proxy_set_header X-Forwarded-For $remote_addr;
-    proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_cache gotosocial_ap_public_responses;
+        proxy_cache_background_update on;
+        proxy_cache_key $scheme://$host$uri;
+        proxy_cache_valid 200 604800s;
+        proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504 http_429;
+        proxy_cache_lock on;
+        add_header X-Cache-Status $upstream_cache_status;
 
-    proxy_cache gotosocial_ap_public_responses;
-    proxy_cache_background_update on;
-    proxy_cache_key $scheme://$host$uri;
-    proxy_cache_valid 200 604800s;
-    proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504 http_429;
-    proxy_cache_lock on;
-    add_header X-Cache-Status $upstream_cache_status;
+        proxy_pass http://127.0.0.1:8788;
+    }
 
-    proxy_pass http://127.0.0.1:8788;
-  }
+    location /assets/ {
+        alias web-asset-base-dir/;
+        autoindex off;
+        expires 5m;
+        add_header Cache-Control "public";
+    }
 
-  location /assets/ {
-    alias web-asset-base-dir/;
-    autoindex off;
-    expires 5m;
-    add_header Cache-Control "public";
-  }
+    location @fileserver {
+        proxy_set_header Host $host;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
 
-  location @fileserver {
+    location /fileserver/ {
+        proxy_pass http://127.0.0.1:8788/;
+        alias storage-local-base-path/;
+        autoindex off;
+        expires max;
+        add_header Cache-Control "private, immutable";
+        try_files $uri @fileserver;
+    }
 
-    proxy_set_header Host $host;
-    proxy_set_header Upgrade $http_upgrade;
-    proxy_set_header Connection "upgrade";
-    proxy_set_header X-Forwarded-For $remote_addr;
-    proxy_set_header X-Forwarded-Proto $scheme;
-  }
-
-  location /fileserver/ {
-    proxy_pass http://127.0.0.1:8788/;
-    alias storage-local-base-path/;
-    autoindex off;
-    expires max;
-    add_header Cache-Control "private, immutable";
-    try_files $uri @fileserver;
-  }
-
-  location / {
-    proxy_pass http://127.0.0.1:8788;
-    proxy_set_header Host $host;
-    proxy_set_header Upgrade $http_upgrade;
-    proxy_set_header Connection "upgrade";
-    proxy_set_header X-Forwarded-For $remote_addr;
-    proxy_set_header X-Forwarded-Proto $scheme;
-  }
-  client_max_body_size 40M;
+    location / {
+        proxy_pass http://127.0.0.1:8788;
+        proxy_set_header Host $host;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
+    client_max_body_size 40M;
 }
diff --git a/plausible/plausible.nginx b/plausible/plausible.nginx
@@ -20,7 +20,7 @@ server {
     ssl_prefer_server_ciphers on;
     ssl_session_cache shared:SSL:10m;
     ssl_session_timeout 5m;
-    ssl_ciphers 'TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+AESGCM:EDH+AESGCM:EECDH+CHACHA20:EDH+CHACHA20:EECDH+AES128:EDH+AES128:EECDH+AES256:EDH+AES256:EECDH+3DES:EDH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS';
+    ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256;
 
     location / {
         proxy_pass http://localhost:8000;
@@ -33,4 +33,4 @@ server {
         add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
         add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
     }
-}
+}