shell script

nginx/authentication

@@ -0,0 +1,13 @@
+#install tolls
+apt install apache2-utils -y
+
+#add user
+htpasswd -c /etc/nginx/.htpasswd myuser
+
+#change nginx configuration
+location / {
+    auth_basic "Restricted Content";
+    auth_basic_user_file /etc/nginx/.htpasswd;
+    root /var/www/html;
+    index index.html index.htm;
+}

nginx/http

@@ -0,0 +1,10 @@
+server {
+    listen 80;
+    
+    server_name domain;
+    root /www/domain;
+    index index.html;
+    
+    access_log /www/log/domain-a.log;
+    error_log /www/log/domain-e.log;
+}

nginx/list

@@ -0,0 +1,9 @@
+total 28K
+-rw-r--r-- 1 root root  279 Jan  4 12:45 authentication
+-rw-r--r-- 1 root root  179 Apr 22 16:57 http
+-rw-r--r-- 1 root root    0 May 22 10:30 list
+-rw-r--r-- 1 root root  614 Apr 27 19:02 match
+-rw-r--r-- 1 root root   52 Apr 27 14:07 onion
+-rw-r--r-- 1 root root  740 Apr 27 19:02 sslreverse
+-rw-r--r-- 1 root root  523 Apr 27 19:02 sslsite
+-rw-r--r-- 1 root root 1005 Apr 27 19:02 transfer

nginx/match

@@ -0,0 +1,28 @@
+server {
+    listen 80;
+    server_name domain;
+    return 301 https://$server_name$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name domain;
+    
+    ssl_certificate /etc/letsencrypt/live/domain/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/domain/privkey.pem;
+    
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers HIGH:!aNULL:!MD5;
+
+    access_log /www/log/domain-a.log;
+    error_log /www/log/domain-e.log;
+    
+    set $root_dir "/www/public";
+    
+    if ($http_user_agent ~* "(curl|wget)") {
+        set $root_dir "/www/sh";
+    }
+    
+    root $root_dir;
+    index index.html;
+}

nginx/onion

@@ -0,0 +1 @@
+add_header Onion-Location "http://xxx$request_uri";

nginx/sslreverse

@@ -0,0 +1,30 @@
+server {
+    listen 80;
+    server_name domain;
+
+    location / {
+        return 301 https://$host$request_uri;
+    }
+}
+
+server {
+    listen 443 ssl;
+    server_name domain;
+
+    ssl_certificate /etc/letsencrypt/live/domain/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/domain/privkey.pem;
+
+    ssl_protocols       TLSv1.2 TLSv1.3;
+    ssl_ciphers         HIGH:!aNULL:!MD5;
+
+    access_log /www/log/domain-a.log;
+    error_log /www/log/domain-e.log;
+
+    location / {
+        proxy_pass http://localhost:8080;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}

nginx/sslsite

@@ -0,0 +1,26 @@
+server {
+    listen 80;
+    server_name domain;
+    return 301 https://$server_name$request_uri;
+}
+
+server {
+    listen 443 ssl;
+    server_name domain;
+
+    ssl_certificate /etc/letsencrypt/live/domain/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/domain/privkey.pem;
+    
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers HIGH:!aNULL:!MD5;
+
+    access_log /www/log/domain-a.log;
+    error_log /www/log/domain-e.log;
+
+    root /www/domain;
+    
+    location / {
+        try_files $uri $uri/ =404;
+    }
+}
+

nginx/transfer

@@ -0,0 +1,36 @@
+server {
+    listen 80;
+    server_name domain;
+
+    client_max_body_size 100M;
+    location / {
+        proxy_pass http://localhost:8088;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}
+
+server {
+    listen 443 ssl;
+    server_name domain;
+
+    ssl_certificate /etc/letsencrypt/live/domain/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/domain/privkey.pem;
+
+    ssl_protocols       TLSv1.2 TLSv1.3;
+    ssl_ciphers         HIGH:!aNULL:!MD5;
+
+    access_log /www/log/domain-a.log;
+    error_log /www/log/domain-e.log;
+
+    client_max_body_size 100M;
+    location / {
+        proxy_pass http://localhost:8088;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+}