maddo/pve-webservers
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

First commit

Browse source
This commit is contained in:
MaddoScientisto 2026-03-13 21:12:15 +01:00
commit fdaacfc5a6
19 changed files with 919 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

12
nginx/includes/default-php.conf Normal file
View file

@ -0,0 +1,12 @@
index index.php index.html;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_buffers 256 128k;
fastcgi_connect_timeout 300s;
fastcgi_send_timeout 300s;
fastcgi_read_timeout 300s;
include fastcgi_params;
}

14
nginx/includes/default-ssl-rdr.conf Normal file
View file

@ -0,0 +1,14 @@
set $is_redirect "0";
if ( $scheme = "http" ) {
set $is_redirect "1";
}
if ( $uri ~ "^/\.well-known/acme-challenge/([-_a-zA-Z0-9]+)$" ) {
set $is_redirect "0";
}
if ( $is_redirect ) {
return 301 https://$server_name$request_uri;
}

23
nginx/includes/default-ssl.conf Normal file
View file

@ -0,0 +1,23 @@
listen 443 ssl;
http2 on;
ssl_certificate /usr/local/etc/ssl/$ssl_server_name-combined.pem;
ssl_certificate_key /usr/local/etc/ssl/$ssl_server_name-combined.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305;
# ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
ssl_dhparam /usr/local/etc/ssl/dh.param;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_tickets off;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;

5
nginx/includes/default-wp.conf Normal file
View file

@ -0,0 +1,5 @@
client_max_body_size 800M;
location / {
try_files $uri $uri/ /index.php?$args;
}

27
nginx/includes/default.conf Normal file
View file

@ -0,0 +1,27 @@
root /home/web/$server_name;
listen 80;
index index.html;
access_log /var/log/nginx/$server_name-access.log;
server_tokens off;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Allow access to the ACME Challenge for Let's Encrypt stateless
location ~ ^/\.well-known/acme-challenge/([-_a-zA-Z0-9]+)$ {
auth_basic off;
allow all;
default_type text/plain;
return 200 "$1.1tLqJzpkjGuP-mOBeLJWDHh_obRyJ7JtHKbUZSuv3SU";
}