pit 1.3 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253
  1. ## pit site config
  2. server {
  3. listen 80;
  4. listen [::]:80;
  5. listen 443 ssl;
  6. listen [::]:443 ssl;
  7. server_name pit.demu.red;
  8. root /var/www/pit;
  9. access_log /var/log/nginx/pit_access.log;
  10. error_log /var/log/nginx/pit_error.log;
  11. ## Disable all methods besides HEAD, GET and POST.
  12. if ($request_method !~ ^(GET|HEAD|POST)$ ) {
  13. return 444;
  14. }
  15. index index.html;
  16. ## Include certbot fix
  17. include /etc/nginx/snippets/nginx.well-known.conf;
  18. ## Include ssl
  19. include /etc/nginx/snippets/nginx.ssl.conf;
  20. ### Deny Stuffs ### {{{
  21. ## Protect specific TXT and config files
  22. location ~ /(\.|readme.html|readme.md|changelog.txt|changelog.md|contributing.txt|contributing.md|license.txt|license.md|legalnotice|privacy.txt|privacy.md|security.txt|security.md|sample-.*txt)
  23. {
  24. deny all;
  25. }
  26. ## Protect .git files
  27. location ~ /\.git/ {
  28. access_log off;
  29. log_not_found off;
  30. deny all;
  31. }
  32. ### End Deny Stuffs ### }}}
  33. ## Error Redirects
  34. error_page 403 /error.html;
  35. error_page 404 /error.html;
  36. error_page 405 /error.html;
  37. error_page 500 501 502 503 504 /error.html;
  38. location = /error.html {
  39. root /var/www/error;
  40. internal;
  41. }
  42. }