271 lines
6.5 KiB
Text
271 lines
6.5 KiB
Text
server {
|
|
server_name git.ari.lt;
|
|
|
|
http2 on;
|
|
listen 80;
|
|
listen [::]:80;
|
|
|
|
limit_req zone=all burst=5 delay=5;
|
|
limit_req zone=allm burst=5 delay=5;
|
|
|
|
include /etc/nginx/snippets.d/paranoia-headers.conf;
|
|
add_header Onion-Location "http://git.arija664fy4c6zhfbsytbqcbz5gcc3qjuwaz4ue6cium5c5fo2fgakyd.onion$request_uri" always;
|
|
|
|
return 301 https://$server_name$request_uri;
|
|
}
|
|
|
|
server {
|
|
server_name git.ari.lt;
|
|
|
|
http2 on;
|
|
listen 443 ssl;
|
|
listen [::]:443 ssl;
|
|
|
|
add_header Onion-Location "http://git.arija664fy4c6zhfbsytbqcbz5gcc3qjuwaz4ue6cium5c5fo2fgakyd.onion$request_uri" always;
|
|
|
|
ssl_certificate /etc/letsencrypt/live/ari.lt-0001/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/ari.lt-0001/privkey.pem;
|
|
ssl_trusted_certificate /etc/letsencrypt/live/ari.lt-0001/chain.pem;
|
|
include /etc/nginx/snippets.d/ssl.conf;
|
|
|
|
limit_req zone=all burst=15 delay=5;
|
|
limit_req zone=allm burst=15 delay=5;
|
|
|
|
include /etc/nginx/snippets.d/5xx.conf;
|
|
|
|
location = /robots.txt {
|
|
add_header Content-Type "text/plain";
|
|
return 200 "User-agent: *
|
|
Disallow: /api/*
|
|
Disallow: /avatars
|
|
Disallow: /user/*
|
|
Disallow: /*/*/src/commit/*
|
|
Disallow: /*/*/commit/*
|
|
Disallow: /*/*/*/refs/*
|
|
Disallow: /*/*/*/star
|
|
Disallow: /*/*/*/watch
|
|
Disallow: /*/*/labels
|
|
Disallow: /*/*/activity/*
|
|
Disallow: /vendor/*
|
|
Disallow: /swagger.*.json
|
|
|
|
Disallow: /explore/*?*
|
|
|
|
Disallow: /repo/create
|
|
Disallow: /repo/migrate
|
|
Disallow: /org/create
|
|
Disallow: /*/*/fork
|
|
|
|
Disallow: /*/*/watchers
|
|
Disallow: /*/*/stargazers
|
|
Disallow: /*/*/forks
|
|
|
|
Disallow: /*/*/activity
|
|
Disallow: /*/*/projects
|
|
Disallow: /*/*/commits/
|
|
Disallow: /*/*/branches
|
|
Disallow: /*/*/tags
|
|
Disallow: /*/*/compare
|
|
Disallow: /*/*/lastcommit/*
|
|
|
|
Disallow: /*/*/issues/new
|
|
Disallow: /*/*/issues/?*
|
|
Disallow: /*/*/issues?*
|
|
Disallow: /*/*/pulls/?*
|
|
Disallow: /*/*/pulls?*
|
|
Disallow: /*/*/pulls/*/files
|
|
|
|
Disallow: /*/tree/
|
|
Disallow: /*/download
|
|
Disallow: /*/revisions
|
|
Disallow: /*/commits/*?author
|
|
Disallow: /*/commits/*?path
|
|
Disallow: /*/comments
|
|
Disallow: /*/blame/
|
|
Disallow: /*/raw/
|
|
Disallow: /*/cache/
|
|
Disallow: /.git/
|
|
Disallow: */.git/
|
|
Disallow: /*.git
|
|
Disallow: /*.atom
|
|
Disallow: /*.rss
|
|
|
|
Disallow: /*/*/archive/
|
|
Disallow: *.bundle
|
|
Disallow: */commit/*.patch
|
|
Disallow: */commit/*.diff
|
|
|
|
Disallow: /*lang=*
|
|
Disallow: /*source=*
|
|
Disallow: /*ref_cta=*
|
|
Disallow: /*plan=*
|
|
Disallow: /*return_to=*
|
|
Disallow: /*ref_loc=*
|
|
Disallow: /*setup_organization=*
|
|
Disallow: /*source_repo=*
|
|
Disallow: /*ref_page=*
|
|
Disallow: /*source=*
|
|
Disallow: /*referrer=*
|
|
Disallow: /*report=*
|
|
Disallow: /*author=*
|
|
Disallow: /*since=*
|
|
Disallow: /*until=*
|
|
Disallow: /*commits?author=*
|
|
Disallow: /*tab=*
|
|
Disallow: /*q=*
|
|
Disallow: /*repo-search-archived=*
|
|
|
|
# Excluded files
|
|
Disallow: /ari.lt/arivertisements/src/branch/main/index.json
|
|
Disallow: /ari.lt/arivertisements/raw/branch/main/index.json
|
|
Disallow: /arivertisements/src/branch/main/meta
|
|
Disallow: /arivertisements/src/branch/main/meta/*
|
|
Disallow: /ari.lt/arivertisements/raw/branch/main/meta
|
|
Disallow: /ari.lt/arivertisements/raw/branch/main/meta/*
|
|
Disallow: /ari.lt/arivertisements/src/branch/main/CONTRIBUTORS
|
|
Disallow: /ari.lt/arivertisements/raw/branch/main/CONTRIBUTORS
|
|
|
|
Crawl-delay: 2
|
|
|
|
# Inspired by https://codeberg.org/robots.txt";
|
|
}
|
|
|
|
location /api/actions/runner.v1.RunnerService/FetchTask {
|
|
access_log off;
|
|
include /etc/nginx/snippets.d/proxy-rt.conf;
|
|
proxy_pass http://127.0.0.1:3000;
|
|
}
|
|
|
|
location / {
|
|
include /etc/nginx/snippets.d/proxy-rt.conf;
|
|
proxy_pass http://127.0.0.1:3000;
|
|
client_max_body_size 512M;
|
|
}
|
|
}
|
|
|
|
server {
|
|
server_name git.arija664fy4c6zhfbsytbqcbz5gcc3qjuwaz4ue6cium5c5fo2fgakyd.onion;
|
|
|
|
http2 on;
|
|
listen 80;
|
|
|
|
limit_req zone=all burst=15 delay=5;
|
|
limit_req zone=allm burst=15 delay=5;
|
|
|
|
include /etc/nginx/snippets.d/5xx.conf;
|
|
|
|
location ~ ^/(user|admin)/ {
|
|
include /etc/nginx/snippets.d/paranoia-headers.conf;
|
|
return 301 $scheme://$server_name;
|
|
}
|
|
|
|
location = /robots.txt {
|
|
add_header Content-Type "text/plain";
|
|
return 200 "User-agent: *
|
|
Disallow: /api/*
|
|
Disallow: /avatars
|
|
Disallow: /user/*
|
|
Disallow: /*/*/src/commit/*
|
|
Disallow: /*/*/commit/*
|
|
Disallow: /*/*/*/refs/*
|
|
Disallow: /*/*/*/star
|
|
Disallow: /*/*/*/watch
|
|
Disallow: /*/*/labels
|
|
Disallow: /*/*/activity/*
|
|
Disallow: /vendor/*
|
|
Disallow: /swagger.*.json
|
|
|
|
Disallow: /explore/*?*
|
|
|
|
Disallow: /repo/create
|
|
Disallow: /repo/migrate
|
|
Disallow: /org/create
|
|
Disallow: /*/*/fork
|
|
|
|
Disallow: /*/*/watchers
|
|
Disallow: /*/*/stargazers
|
|
Disallow: /*/*/forks
|
|
|
|
Disallow: /*/*/activity
|
|
Disallow: /*/*/projects
|
|
Disallow: /*/*/commits/
|
|
Disallow: /*/*/branches
|
|
Disallow: /*/*/tags
|
|
Disallow: /*/*/compare
|
|
Disallow: /*/*/lastcommit/*
|
|
|
|
Disallow: /*/*/issues/new
|
|
Disallow: /*/*/issues/?*
|
|
Disallow: /*/*/issues?*
|
|
Disallow: /*/*/pulls/?*
|
|
Disallow: /*/*/pulls?*
|
|
Disallow: /*/*/pulls/*/files
|
|
|
|
Disallow: /*/tree/
|
|
Disallow: /*/download
|
|
Disallow: /*/revisions
|
|
Disallow: /*/commits/*?author
|
|
Disallow: /*/commits/*?path
|
|
Disallow: /*/comments
|
|
Disallow: /*/blame/
|
|
Disallow: /*/raw/
|
|
Disallow: /*/cache/
|
|
Disallow: /.git/
|
|
Disallow: */.git/
|
|
Disallow: /*.git
|
|
Disallow: /*.atom
|
|
Disallow: /*.rss
|
|
|
|
Disallow: /*/*/archive/
|
|
Disallow: *.bundle
|
|
Disallow: */commit/*.patch
|
|
Disallow: */commit/*.diff
|
|
|
|
Disallow: /*lang=*
|
|
Disallow: /*source=*
|
|
Disallow: /*ref_cta=*
|
|
Disallow: /*plan=*
|
|
Disallow: /*return_to=*
|
|
Disallow: /*ref_loc=*
|
|
Disallow: /*setup_organization=*
|
|
Disallow: /*source_repo=*
|
|
Disallow: /*ref_page=*
|
|
Disallow: /*source=*
|
|
Disallow: /*referrer=*
|
|
Disallow: /*report=*
|
|
Disallow: /*author=*
|
|
Disallow: /*since=*
|
|
Disallow: /*until=*
|
|
Disallow: /*commits?author=*
|
|
Disallow: /*tab=*
|
|
Disallow: /*q=*
|
|
Disallow: /*repo-search-archived=*
|
|
|
|
# Excluded files
|
|
Disallow: /ari.lt/arivertisements/src/branch/main/index.json
|
|
Disallow: /ari.lt/arivertisements/raw/branch/main/index.json
|
|
Disallow: /arivertisements/src/branch/main/meta
|
|
Disallow: /arivertisements/src/branch/main/meta/*
|
|
Disallow: /ari.lt/arivertisements/raw/branch/main/meta
|
|
Disallow: /ari.lt/arivertisements/raw/branch/main/meta/*
|
|
Disallow: /ari.lt/arivertisements/src/branch/main/CONTRIBUTORS
|
|
Disallow: /ari.lt/arivertisements/raw/branch/main/CONTRIBUTORS
|
|
|
|
Crawl-delay: 2
|
|
|
|
# Inspired by https://codeberg.org/robots.txt";
|
|
}
|
|
|
|
location /api/actions/runner.v1.RunnerService/FetchTask {
|
|
access_log off;
|
|
include /etc/nginx/snippets.d/proxy-rt.conf;
|
|
proxy_pass http://127.0.0.1:3000;
|
|
}
|
|
|
|
location / {
|
|
include /etc/nginx/snippets.d/proxy-rt.conf;
|
|
proxy_pass http://127.0.0.1:3000;
|
|
client_max_body_size 512M;
|
|
}
|
|
}
|
|
|