get configs from mirror
This commit is contained in:
parent
7d6a55e2c8
commit
38affd9371
|
@ -0,0 +1,12 @@
|
|||
make `/mirror/root` dir
|
||||
|
||||
this `include/` dir contains files used by the index.html from index
|
||||
```
|
||||
include/ ->
|
||||
/mirror/root/include/
|
||||
```
|
||||
|
||||
```
|
||||
proftpd.conf ->
|
||||
/etc/proftpd/proftpd.conf
|
||||
```
|
Binary file not shown.
After Width: | Height: | Size: 1.1 KiB |
Binary file not shown.
After Width: | Height: | Size: 14 KiB |
|
@ -0,0 +1,12 @@
|
|||
*
|
||||
* Welcome to the University of Waterloo Computer Science Club Mirror
|
||||
*
|
||||
* https://csclub.uwaterloo.ca/
|
||||
*
|
||||
* Hardware funded by MEF (https://www.student.math.uwaterloo.ca/~mefcom/)
|
||||
*
|
||||
* Admin Contact: systems-committee@csclub.uwaterloo.ca
|
||||
* Hostname: mirror.csclub.uwaterloo.ca
|
||||
* IPv4 Address: 129.97.134.71
|
||||
* IPv6 Address: 2620:101:f000:4901:c5c::f:1055
|
||||
*
|
|
@ -0,0 +1,144 @@
|
|||
#
|
||||
# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
|
||||
# To really apply changes reload proftpd after modifications.
|
||||
#
|
||||
|
||||
# Includes DSO modules
|
||||
Include /etc/proftpd/modules.conf
|
||||
|
||||
UseReverseDNS off
|
||||
IdentLookups off
|
||||
|
||||
# dtbartle - limit resources used by an ftp session
|
||||
#RLimitCPU session 10
|
||||
#RLimitMemory session 4096K
|
||||
|
||||
# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
|
||||
UseIPv6 on
|
||||
|
||||
ServerName "mirror.csclub"
|
||||
ServerType standalone
|
||||
DeferWelcome off
|
||||
|
||||
MultilineRFC2228 on
|
||||
DefaultServer on
|
||||
ShowSymlinks on
|
||||
|
||||
TimeoutNoTransfer 600
|
||||
TimeoutStalled 600
|
||||
TimeoutIdle 1200
|
||||
|
||||
DisplayLogin /include/motd.msg
|
||||
DisplayChdir .message
|
||||
ListOptions "-l"
|
||||
|
||||
DenyFilter \*.*/
|
||||
|
||||
# Port 21 is the standard FTP port.
|
||||
Port 21
|
||||
|
||||
# In some cases you have to specify passive ports range to by-pass
|
||||
# firewall limitations. Ephemeral ports can be used for that, but
|
||||
# feel free to use a more narrow range.
|
||||
PassivePorts 49152 65534
|
||||
|
||||
# To prevent DoS attacks, set the maximum number of child processes
|
||||
# to 30. If you need to allow more than 30 concurrent connections
|
||||
# at once, simply increase this value. Note that this ONLY works
|
||||
# in standalone mode, in inetd mode you should use an inetd server
|
||||
# that allows you to limit maximum number of processes per service
|
||||
# (such as xinetd)
|
||||
MaxInstances 500
|
||||
|
||||
# Set the user and group that the server normally runs at.
|
||||
User proftpd
|
||||
Group nogroup
|
||||
|
||||
# Umask 022 is a good standard umask to prevent new files and dirs
|
||||
# (second parm) from being group and world writable.
|
||||
Umask 022 022
|
||||
# Normally, we want files to be overwriteable.
|
||||
AllowOverwrite on
|
||||
|
||||
# Uncomment this if you are using NIS or LDAP to retrieve passwords:
|
||||
# PersistentPasswd off
|
||||
|
||||
# Be warned: use of this directive impacts CPU average load!
|
||||
#
|
||||
# Uncomment this if you like to see progress and transfer rate with ftpwho
|
||||
# in downloads. That is not needed for uploads rates.
|
||||
# UseSendFile off
|
||||
|
||||
TransferLog /var/log/proftpd/xferlog
|
||||
SystemLog /var/log/proftpd/proftpd.log
|
||||
|
||||
<IfModule mod_tls.c>
|
||||
TLSEngine off
|
||||
</IfModule>
|
||||
|
||||
<IfModule mod_quota.c>
|
||||
QuotaEngine on
|
||||
</IfModule>
|
||||
|
||||
<IfModule mod_ratio.c>
|
||||
Ratios on
|
||||
</IfModule>
|
||||
|
||||
|
||||
# Delay engine reduces impact of the so-called Timing Attack described in
|
||||
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
|
||||
# It is on by default.
|
||||
<IfModule mod_delay.c>
|
||||
DelayEngine on
|
||||
</IfModule>
|
||||
|
||||
<IfModule mod_ctrls.c>
|
||||
ControlsEngine on
|
||||
ControlsMaxClients 2
|
||||
ControlsLog /var/log/proftpd/controls.log
|
||||
ControlsInterval 5
|
||||
ControlsSocket /var/run/proftpd/proftpd.sock
|
||||
</IfModule>
|
||||
|
||||
<IfModule mod_ctrls_admin.c>
|
||||
AdminControlsEngine on
|
||||
</IfModule>
|
||||
|
||||
# A basic anonymous configuration, no upload directories.
|
||||
|
||||
<Anonymous /mirror/root>
|
||||
User ftp
|
||||
Group nogroup
|
||||
# We want clients to be able to login with "anonymous" as well as "ftp"
|
||||
UserAlias anonymous ftp
|
||||
# Cosmetic changes, all files belongs to ftp user
|
||||
DirFakeUser on ftp
|
||||
DirFakeGroup on ftp
|
||||
|
||||
RequireValidShell off
|
||||
|
||||
# Limit the maximum number of anonymous logins
|
||||
MaxClients 500
|
||||
|
||||
# Limit WRITE everywhere in the anonymous chroot
|
||||
<Directory *>
|
||||
<Limit WRITE>
|
||||
DenyAll
|
||||
</Limit>
|
||||
HideFiles "(\\.bak.html|lost\\+found|new-index.html|mirror-rootfs|mirror-highpriority)"
|
||||
</Directory>
|
||||
|
||||
# # Uncomment this if you're brave.
|
||||
# # <Directory incoming>
|
||||
# # # Umask 022 is a good standard umask to prevent new files and dirs
|
||||
# # # (second parm) from being group and world writable.
|
||||
# # Umask 022 022
|
||||
# # <Limit READ WRITE>
|
||||
# # DenyAll
|
||||
# # </Limit>
|
||||
# # <Limit STOR>
|
||||
# # AllowAll
|
||||
# # </Limit>
|
||||
# # </Directory>
|
||||
#
|
||||
</Anonymous>
|
|
@ -0,0 +1,9 @@
|
|||
```
|
||||
csc-mirror ->
|
||||
/etc/cron.d/csc-mirror
|
||||
```
|
||||
make the `/home/mirror` dir
|
||||
```
|
||||
mirror-index/ ->
|
||||
/home/mirror/mirror-index/
|
||||
```
|
|
@ -0,0 +1,30 @@
|
|||
# /etc/cron.d/csc-mirror: mirror cron jobs
|
||||
|
||||
MAILTO=ztseguin@csclub.uwaterloo.ca
|
||||
|
||||
# m h dom mon dow user command
|
||||
|
||||
# UPS Health
|
||||
* * * * * mirror /usr/bin/flock -w 0 /tmp/ups-status.lock /bin/bash -c "/usr/local/bin/ups-status >/mirror/root/ups 2>/dev/null" 2>/dev/null
|
||||
|
||||
# reprepro incoming
|
||||
*/10 * * * * root /srv/debian/bin/rrr-incoming cron
|
||||
|
||||
# reprepro mirroring
|
||||
5 */4 * * * root /srv/debian/bin/rrr-update cron
|
||||
|
||||
# regenerate mirror index at 5:40 am on 14th & 28th of every month
|
||||
# feel free to run this manually if you've added or removed an
|
||||
# archive or some such thing
|
||||
#
|
||||
# Documented here: http://wiki.csclub.uwaterloo.ca/Mirror#Index
|
||||
#
|
||||
# ztseguin - temporarilly disabled until script can be updated to handle symlink farm
|
||||
# 40 5 */14 * * mirror cd /home/mirror/mirror-index && /home/mirror/mirror-index/make-index.py
|
||||
#30 3 * * 0 mirror cd /home/mirror/mirror-index && /home/mirror/mirror-index/make-index.py
|
||||
|
||||
# Update index hourly
|
||||
0 * * * * mirror cd /home/mirror/mirror-index && /home/mirror/mirror-index/make-index.py
|
||||
|
||||
0 * * * * mirror /home/mirror/bin/zfssync csclub >/home/mirror/merlin/logs/zfssync-csclub 2>/dev/null
|
||||
0 * * * * mirror /home/mirror/bin/zfssync wics >/home/mirror/merlin/logs/zfssync-wics 2>/dev/null
|
|
@ -0,0 +1,299 @@
|
|||
docroot: /mirror/root
|
||||
duflags: --max-depth=0 --dereference-args --exclude=/mirror/root/pub
|
||||
output: /mirror/root/index.html
|
||||
|
||||
exclude:
|
||||
- include
|
||||
- lost+found
|
||||
- pub
|
||||
- uw-courseware
|
||||
- wics
|
||||
- mirror-rootfs
|
||||
- mirror-highpriority
|
||||
- ups
|
||||
|
||||
directories:
|
||||
alpine:
|
||||
site: alpinelinux.org
|
||||
url: https://alpinelinux.org/
|
||||
|
||||
almalinux:
|
||||
site: almalinux.org
|
||||
url: https://almalinux.org
|
||||
|
||||
apache:
|
||||
site: apache.org
|
||||
url: https://www.apache.org/
|
||||
|
||||
archlinux:
|
||||
site: archlinux.org
|
||||
url: https://www.archlinux.org/
|
||||
|
||||
centos:
|
||||
site: centos.org
|
||||
url: https://www.centos.org/
|
||||
|
||||
ceph:
|
||||
site: ceph.io
|
||||
url: https://ceph.io
|
||||
|
||||
CPAN:
|
||||
site: cpan.org
|
||||
url: https://www.cpan.org/
|
||||
|
||||
CRAN:
|
||||
site: r-project.org
|
||||
url: https://cran.r-project.org/
|
||||
|
||||
csclub:
|
||||
site: csclub.uwaterloo.ca
|
||||
url: https://csclub.uwaterloo.ca/media/
|
||||
|
||||
CTAN:
|
||||
site: ctan.org
|
||||
url: https://www.ctan.org/
|
||||
|
||||
cygwin:
|
||||
site: cygwin.com
|
||||
url: https://www.cygwin.com/
|
||||
|
||||
damnsmalllinux:
|
||||
site: damnsmalllinux.org
|
||||
url: https://www.damnsmalllinux.org/
|
||||
|
||||
debian:
|
||||
site: debian.org
|
||||
url: https://www.debian.org/
|
||||
|
||||
debian-backports:
|
||||
site: backports.debian.org
|
||||
url: https://backports.debian.org/
|
||||
|
||||
debian-cd:
|
||||
site: debian.org
|
||||
url: https://www.debian.org/CD/
|
||||
|
||||
debian-multimedia:
|
||||
site: debian-multimedia.org
|
||||
url: https://www.debian-multimedia.org/
|
||||
|
||||
debian-ports:
|
||||
site: debian-ports.org
|
||||
url: https://www.debian-ports.org/
|
||||
|
||||
debian-security:
|
||||
site: debian.org
|
||||
url: https://www.debian.org/security/
|
||||
|
||||
debian-volatile:
|
||||
site: debian.org
|
||||
url: https://www.debian.org/volatile/
|
||||
|
||||
eclipse:
|
||||
site: eclipse.org
|
||||
url: https://www.eclipse.org/
|
||||
|
||||
emacsconf:
|
||||
site: emacsconf.org
|
||||
url: https://emacsconf.org
|
||||
|
||||
# this is no longer a project
|
||||
# emdebian:
|
||||
# site: emdebian.org
|
||||
# url: https://www.emdebian.org/
|
||||
|
||||
fedora:
|
||||
site: fedoraproject.org
|
||||
url: https://www.fedoraproject.org/
|
||||
|
||||
FreeBSD:
|
||||
site: freebsd.org
|
||||
url: https://www.freebsd.org/
|
||||
|
||||
gentoo-distfiles:
|
||||
site: gentoo.org
|
||||
url: https://www.gentoo.org/
|
||||
|
||||
gentoo-portage:
|
||||
site: gentoo.org
|
||||
url: https://www.gentoo.org/
|
||||
|
||||
gnome:
|
||||
site: gnome.org
|
||||
url: https://www.gnome.org/
|
||||
|
||||
gnu:
|
||||
site: gnu.org
|
||||
url: https://www.gnu.org/
|
||||
|
||||
gutenberg:
|
||||
site: gutenberg.org
|
||||
url: https://www.gutenberg.org/
|
||||
|
||||
kali:
|
||||
site: kali.org
|
||||
url: https://www.kali.org/
|
||||
|
||||
kali-images:
|
||||
site: kali.org
|
||||
url: https://www.kali.org/
|
||||
|
||||
kde:
|
||||
site: kde.org
|
||||
url: https://www.kde.org/
|
||||
|
||||
kde-applicationdata:
|
||||
site: kde.org
|
||||
url: https://www.kde.org/
|
||||
|
||||
kernel.org:
|
||||
site: kernel.org
|
||||
url: https://www.kernel.org/
|
||||
|
||||
linuxmint:
|
||||
site: linuxmint.com
|
||||
url: https://www.linuxmint.com/
|
||||
|
||||
linuxmint-packages:
|
||||
site: linuxmint.com
|
||||
url: https://www.linuxmint.com/
|
||||
|
||||
MacPorts:
|
||||
site: macports.org
|
||||
url: https://www.macports.org/
|
||||
|
||||
mozdev:
|
||||
site: mozdev.org
|
||||
url: https://www.mozdev.org/
|
||||
|
||||
mozilla.org:
|
||||
site: mozilla.org
|
||||
url: https://www.mozilla.org/
|
||||
|
||||
mysql:
|
||||
site: mysql.com
|
||||
url: https://www.mysql.com/
|
||||
|
||||
nongnu:
|
||||
site: nongnu.org
|
||||
url: https://savannah.nongnu.org/
|
||||
|
||||
openoffice:
|
||||
site: openoffice.org
|
||||
url: https://www.openoffice.org/
|
||||
|
||||
opensuse:
|
||||
site: opensuse.org
|
||||
url: https://www.opensuse.org/
|
||||
|
||||
OpenBSD:
|
||||
site: openbsd.org
|
||||
url: https://www.openbsd.org/
|
||||
|
||||
puppylinux:
|
||||
site: puppylinux.org
|
||||
url: https://puppylinux.org/
|
||||
|
||||
qtproject:
|
||||
site: qt-project.org
|
||||
url: https://qt-project.org/
|
||||
|
||||
racket:
|
||||
site: racket-lang.org
|
||||
url: https://racket-lang.org/
|
||||
|
||||
sage:
|
||||
site: sagemath.org
|
||||
url: https://www.sagemath.org/
|
||||
|
||||
saltstack:
|
||||
site: saltstack.com
|
||||
url: https://saltstack.com/
|
||||
|
||||
slackware:
|
||||
site: slackware.com
|
||||
url: https://www.slackware.com/
|
||||
|
||||
tdf:
|
||||
site: documentfoundation.org
|
||||
url: https://www.documentfoundation.org/
|
||||
|
||||
ubuntu:
|
||||
site: ubuntu.com
|
||||
url: https://www.ubuntu.com/
|
||||
|
||||
ubuntu-ports:
|
||||
site: ports.ubuntu.com
|
||||
url: http://ports.ubuntu.com/ubuntu-ports/
|
||||
|
||||
ubuntu-ports-releases:
|
||||
site: ports.ubuntu.com
|
||||
url: https://cdimage.ubuntu.com/releases/
|
||||
|
||||
ubuntu-releases:
|
||||
site: releases.ubuntu.com
|
||||
url: https://releases.ubuntu.com/
|
||||
|
||||
vlc:
|
||||
site: videolan.org
|
||||
url: https://videolan.org/
|
||||
|
||||
xiph:
|
||||
site: xiph.org
|
||||
url: https://xiph.org/
|
||||
|
||||
x.org:
|
||||
site: x.org
|
||||
url: https://www.x.org/
|
||||
|
||||
xubuntu-releases:
|
||||
site: xubuntu.org
|
||||
url: https://www.xubuntu.org/
|
||||
|
||||
NetBSD:
|
||||
site: netbsd.org
|
||||
url: https://www.netbsd.org/
|
||||
|
||||
pkgsrc:
|
||||
site: pkgsrc.org
|
||||
url: https://pkgsrc.org/
|
||||
|
||||
raspberrypi:
|
||||
site: raspberrypi.org
|
||||
url: https://www.raspberrypi.org/
|
||||
|
||||
raspbian:
|
||||
site: raspbian.org
|
||||
url: https://www.raspbian.org/
|
||||
|
||||
ipfire:
|
||||
site: ipfire.org
|
||||
url: https://www.ipfire.org/
|
||||
|
||||
manjaro:
|
||||
site: manjaro.org
|
||||
url: https://manjaro.org/
|
||||
|
||||
scientific:
|
||||
site: scientificlinux.org
|
||||
url: https://www.scientificlinux.org/
|
||||
|
||||
mxlinux:
|
||||
site: mxlinux.org
|
||||
url: https://mxlinux.org
|
||||
|
||||
mxlinux-iso:
|
||||
site: mxlinux.org
|
||||
url: https://mxlinux.org
|
||||
|
||||
parabola:
|
||||
site: parabola.nu
|
||||
url: https://www.parabola.nu/
|
||||
|
||||
hyperbola:
|
||||
site: hyperbola.info
|
||||
url: https://www.hyperbola.info/
|
||||
|
||||
trisquel:
|
||||
site: trisquel.info
|
||||
url: https://trisquel.info/
|
|
@ -0,0 +1,43 @@
|
|||
img {
|
||||
border: none;
|
||||
}
|
||||
html {
|
||||
margin:0.5ex;
|
||||
font-family: sans-serif;
|
||||
font-size: 110%;
|
||||
}
|
||||
p {
|
||||
margin: 1ex 0;
|
||||
}
|
||||
table {
|
||||
border-collapse: collapse;
|
||||
text-align: left;
|
||||
width: 100%;
|
||||
}
|
||||
td {
|
||||
border-top: 1px solid #aaa;
|
||||
}
|
||||
th, td {
|
||||
padding: .4ex 2em .4ex 0;
|
||||
}
|
||||
h1 {
|
||||
font-size: 110%;
|
||||
}
|
||||
#logo {
|
||||
width: 100%;
|
||||
text-align: center;
|
||||
margin-bottom:1em;
|
||||
}
|
||||
#footer {
|
||||
margin: 2em auto 0 auto;
|
||||
width: 75%;
|
||||
font-size: 70%;
|
||||
text-align: center;
|
||||
}
|
||||
body {
|
||||
max-width: 40em;
|
||||
margin-top:0;
|
||||
padding-top:0;
|
||||
}
|
||||
|
||||
tr :last-child { text-align: right; }
|
|
@ -0,0 +1,49 @@
|
|||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="UTF-8" />
|
||||
<link rel="stylesheet" type="text/css" href="index.css" />
|
||||
<title>Computer Science Club Mirror</title>
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<div id="logo">
|
||||
<a href="/"><img src="/include/header.png" alt="Computer Science Club Mirror - The University of Waterloo - Funded by MEF" title="Computer Science Club Mirror - The University of Waterloo - Funded by MEF" /></a>
|
||||
</div>
|
||||
|
||||
<div id="listing">
|
||||
<table>
|
||||
<tr><th>Directory</th><th>Project Site</th><th>Size</th></tr>
|
||||
|
||||
% for dir in directories:
|
||||
<tr>
|
||||
<td>
|
||||
${h.link_to(dir['dir']+'/', '/'+dir['dir']+'/')}
|
||||
</td>
|
||||
|
||||
<td>
|
||||
% if 'site' in dir:
|
||||
${h.link_to(dir['site'], dir['url'])}
|
||||
% endif
|
||||
</td>
|
||||
|
||||
<td>${dir['size'] | h}</td>
|
||||
</tr>
|
||||
|
||||
% endfor \
|
||||
|
||||
<tr class="total">
|
||||
<td>Total</td>
|
||||
<td></td>
|
||||
<td>${total_size}</td>
|
||||
</tr>
|
||||
</table>
|
||||
</div>
|
||||
|
||||
<div id="footer">
|
||||
<p>This service is run by the <a href="https://csclub.uwaterloo.ca/">Computer Science Club of the University of Waterloo</a>.<br />It is made possible by funding from the <a href="https://uwaterloo.ca/math-endowment-fund/">Mathematics Endowment Fund</a><br />and support from the <a href="https://cs.uwaterloo.ca">David R. Cheriton School of Computer Science</a>.</p>
|
||||
<p>Report an issue or request we mirror a project by contacting <a href="mailto:systems-committee@csclub.uwaterloo.ca">systems-committee@csclub.uwaterloo.ca</a>.</p>
|
||||
<p>Generated (local time): ${generated.strftime("%Y-%m-%d %-I:%M%p")}</p>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
|
@ -0,0 +1,231 @@
|
|||
#!/usr/bin/env python2
|
||||
"""make-index.py
|
||||
|
||||
Generates an nice index of the directories from a
|
||||
template.
|
||||
|
||||
Original Author: Jeremy Roman <jbroman@csclub.uwaterloo.ca>
|
||||
Modified by: Zachary Seguin <ztseguin@csclub.uwaterloo.ca>
|
||||
|
||||
So if you don't like how I did something,
|
||||
I'm the person you get to complain to.
|
||||
Please be gentle.
|
||||
"""
|
||||
|
||||
import os, sys, time
|
||||
from subprocess import Popen, PIPE
|
||||
from optparse import OptionParser
|
||||
import yaml, mako.exceptions, webhelpers.html.tags
|
||||
from mako.template import Template
|
||||
import humanize
|
||||
import datetime
|
||||
|
||||
def parse_size(s):
|
||||
if s.endswith("T"):
|
||||
return float(s[:-1])*1000*1000*1000*1000
|
||||
elif s.endswith("G"):
|
||||
return float(s[:-1])*1000*1000*1000
|
||||
elif s.endswith("M"):
|
||||
return float(s[:-1])*1000*1000
|
||||
elif s.endswith("K"):
|
||||
return float(s[:-1])*1000
|
||||
|
||||
return float(size)
|
||||
|
||||
def reformat_size(size):
|
||||
return humanize.naturalsize(size)
|
||||
|
||||
def atomic_write(filename, body):
|
||||
"""Atomically write to a file by writing a
|
||||
temporary file and then moving it to replace
|
||||
the desired output file.
|
||||
|
||||
This ensures that partial files are never seen
|
||||
by clients."""
|
||||
|
||||
# generate an appropriate temporary filename
|
||||
# in the same directory
|
||||
tmp_filename = "%s.%d.tmp" % (filename, os.getpid())
|
||||
|
||||
# open the directory so that we can fsync it
|
||||
dir = os.open(os.path.realpath(os.path.dirname(filename)), \
|
||||
os.O_DIRECTORY | os.O_RDONLY)
|
||||
|
||||
# write to the temporary file
|
||||
tmp = open(tmp_filename, 'w')
|
||||
print >>tmp, body
|
||||
tmp.flush()
|
||||
os.fsync(tmp.fileno())
|
||||
tmp.close()
|
||||
|
||||
# atomically replace the actual file
|
||||
os.rename(tmp_filename, filename)
|
||||
os.fsync(dir)
|
||||
os.close(dir)
|
||||
|
||||
def main():
|
||||
# accept command-line arguments
|
||||
parser = OptionParser()
|
||||
parser.add_option("-c", "--config", dest="config", default="config.yaml",
|
||||
help="configuration file to be used", metavar="FILE")
|
||||
parser.add_option("-D", "--docroot", dest="docroot",
|
||||
help="directory to be scanned", metavar="DIR")
|
||||
parser.add_option("-F", "--duflags", dest="duflags",
|
||||
help="flags to be passed to du, replaces any in config")
|
||||
parser.add_option("-o", "--output", dest="output", metavar="FILE",
|
||||
help="file to which index page will be written. "
|
||||
"Use /dev/stdout to send to standard out.")
|
||||
parser.add_option("-t", "--template", dest="template",
|
||||
help="Mako template to render", metavar="FILE")
|
||||
parser.add_option("--nonatomic", dest="nonatomic", action="store_true",
|
||||
default=False, help="write the output to the path "
|
||||
"given without creating a temporary file in between. "
|
||||
"This is automatically set if the output appears "
|
||||
"to be a character device, not a file.")
|
||||
(options, args) = parser.parse_args()
|
||||
|
||||
# load config file
|
||||
try:
|
||||
config = yaml.load(file(options.config,'r'), Loader=yaml.FullLoader)
|
||||
except:
|
||||
config = None
|
||||
|
||||
if not config or type(config) != dict:
|
||||
print >>sys.stderr, "Unable to load configuration '%s'." % options.config
|
||||
sys.exit(-1)
|
||||
|
||||
# determine important variables based on an appropriate order of
|
||||
# precedence (command-line flags first, then the config file,
|
||||
# then built-in fallbacks)
|
||||
#
|
||||
# fallback value for nonatomic is used so that character devices
|
||||
# (e.g. /dev/stdout, /dev/null) are written to in the regular way
|
||||
docroot = options.docroot or config.get('docroot')
|
||||
duflags = options.duflags or config.get('duflags') or "-h --max-depth=1 --exclude='.~tmp~'"
|
||||
output = options.output or config.get('output')
|
||||
template = options.template or config.get("template") or "index.mako"
|
||||
nonatomic = options.nonatomic or config.get("nonatomic") or \
|
||||
(os.path.exists(output) and not os.path.isfile(output))
|
||||
|
||||
# sanity checks
|
||||
if not docroot:
|
||||
print >>sys.stderr, "docroot not specified."
|
||||
print >>sys.stderr, "Define it in the config file or pass -D on the command line."
|
||||
sys.exit(-1)
|
||||
elif not output:
|
||||
print >>sys.stderr, "output not specified."
|
||||
print >>sys.stderr, "Define it in the config file or pass -o on the command line."
|
||||
elif not config.get('directories'):
|
||||
print >>sys.stderr, "directories not specified."
|
||||
print >>sys.stderr, "Define it in the config file."
|
||||
sys.exit(-1)
|
||||
elif not os.path.isdir(docroot):
|
||||
print >>sys.stderr, "docroot '%s' not found or not a directory." % docroot
|
||||
sys.exit(-1)
|
||||
elif not os.path.exists(template) or os.path.isdir(template):
|
||||
print >>sys.stderr, "template '%s' not found or is a directory." % template
|
||||
sys.exit(-1)
|
||||
|
||||
generated = datetime.datetime.now()
|
||||
|
||||
directories = []
|
||||
total_size = 0.0
|
||||
|
||||
ls = os.listdir(docroot)
|
||||
|
||||
for item in ls:
|
||||
if item == "pub":
|
||||
continue
|
||||
|
||||
path = os.path.join(docroot, item)
|
||||
|
||||
# If symlink, then this is a project
|
||||
if os.path.islink(path):
|
||||
dataset = os.readlink(path)[1:]
|
||||
|
||||
# Get the disk space used by that dataset
|
||||
du = Popen(
|
||||
"/usr/bin/sudo /sbin/zfs get -H -o value used %s" % dataset,
|
||||
shell=True, stdout=PIPE, stderr=PIPE).communicate()
|
||||
|
||||
size = "-"
|
||||
if len(du[1].strip()) > 0:
|
||||
sys.stderr.write(du[1])
|
||||
print >>sys.stderr, "zfs get terminated unsuccessfully for %s" % item
|
||||
continue
|
||||
else:
|
||||
size = parse_size(du[0].strip())
|
||||
total_size += size
|
||||
|
||||
info = {'dir':item, 'size':reformat_size(size)}
|
||||
|
||||
# use info from config.yaml, if found
|
||||
# otherwise, skip this directory
|
||||
if item in config['exclude']:
|
||||
continue
|
||||
elif item in config['directories']:
|
||||
info.update(config['directories'][item])
|
||||
else:
|
||||
info.update({ 'site': '', 'url': '' })
|
||||
|
||||
directories.append(info)
|
||||
|
||||
# Sort the directories
|
||||
directories.sort(key=lambda d : d['dir'].lower())
|
||||
|
||||
# Call du to compute size
|
||||
#du = Popen(
|
||||
# "/usr/bin/du %s/* %s | /usr/bin/sort -fk2" % (docroot, duflags),
|
||||
# shell=True, stdout=PIPE, stderr=PIPE).communicate()
|
||||
# du = []
|
||||
|
||||
# Check that du executed successfully
|
||||
# If there's anything on stderr, send it
|
||||
# out our own stderr and terminate.
|
||||
#if len(du[1].strip()) > 0:
|
||||
# sys.stderr.write(du[1])
|
||||
# print >>sys.stderr, "du terminated unsuccessfully. Not generating index."
|
||||
# sys.exit(-1)
|
||||
|
||||
# first one should be total, grab its size and format
|
||||
#du = du[0].splitlines() # we only care about stdout now
|
||||
#total_size = reformat_size(du[0].split(None,2)[0])
|
||||
|
||||
# the rest are the sizes we want
|
||||
# directories = []
|
||||
# total_size = 0
|
||||
|
||||
# for line in du:
|
||||
# (size, path) = line.split(None, 2)
|
||||
# dir = os.path.basename(path)
|
||||
# total_size += int(size)
|
||||
# info = {'dir':dir, 'size':reformat_size(int(size))}
|
||||
|
||||
# use info from config.yaml, if found
|
||||
# otherwise, skip this directory
|
||||
# if dir in config['exclude'] or not os.path.isdir(path):
|
||||
# continue
|
||||
# elif dir in config['directories']:
|
||||
# info.update(config['directories'][dir])
|
||||
# else:
|
||||
# info.update({ 'site': '', 'url': '' })
|
||||
|
||||
# directories.append(info)
|
||||
|
||||
# render the template to a string
|
||||
body = Template(filename=template).render(
|
||||
total_size=reformat_size(total_size),
|
||||
directories=directories,
|
||||
generated=generated,
|
||||
config=config,
|
||||
h=webhelpers.html.tags)
|
||||
|
||||
# write the rendered output
|
||||
if nonatomic:
|
||||
print >>file(output,'w'), body
|
||||
else:
|
||||
atomic_write(output, body)
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
main()
|
|
@ -0,0 +1,22 @@
|
|||
Will not copy ssl certs (dev env will not support ssl?)
|
||||
```
|
||||
mime.types ->
|
||||
/etc/nginx/mime.types
|
||||
```
|
||||
```
|
||||
nginx.conf ->
|
||||
/etc/nginx/nginx.conf
|
||||
```
|
||||
```
|
||||
includes/ ->
|
||||
/etc/nginx/includes/
|
||||
```
|
||||
```
|
||||
sites-available/ ->
|
||||
/etc/nginx/sites-available/
|
||||
```
|
||||
To enable the sites
|
||||
```
|
||||
ln -s /etc/nginx/sites-available/debian.conf /etc/nginx/sites-enabled/
|
||||
ln -s /etc/nginx/sites-available/mirror.conf /etc/nginx/sites-enabled/
|
||||
```
|
|
@ -0,0 +1,17 @@
|
|||
server_name ca.ceph.com;
|
||||
access_log /var/log/nginx/access.ceph.log;
|
||||
|
||||
root /mirror/root/ceph;
|
||||
index index.html;
|
||||
|
||||
location ^~ /.well-known/acme-challenge {
|
||||
alias /var/www/dehydrated;
|
||||
}
|
||||
|
||||
location / {
|
||||
# First attempt to serve request as file, then
|
||||
# as directory, then fall back to displaying a 404.
|
||||
try_files $uri $uri/ =404;
|
||||
autoindex on;
|
||||
autoindex_exact_size off;
|
||||
}
|
|
@ -0,0 +1,12 @@
|
|||
server_name debian.csclub.uwaterloo.ca debian.csclub debian;
|
||||
|
||||
root /srv/debian/www;
|
||||
index index.html;
|
||||
|
||||
location / {
|
||||
# First attempt to serve request as file, then
|
||||
# as directory, then fall back to displaying a 404.
|
||||
try_files $uri $uri/ =404;
|
||||
autoindex on;
|
||||
autoindex_exact_size off;
|
||||
}
|
|
@ -0,0 +1,56 @@
|
|||
server_name _;
|
||||
|
||||
root /mirror/root;
|
||||
index index.html;
|
||||
autoindex on;
|
||||
autoindex_exact_size off;
|
||||
|
||||
location / {
|
||||
# First attempt to serve request as file, then
|
||||
# as directory, then fall back to displaying a 404.
|
||||
try_files $uri $uri/ =404;
|
||||
}
|
||||
|
||||
# Server status
|
||||
location /server-status {
|
||||
stub_status on;
|
||||
allow 127.0.0.1;
|
||||
allow ::1;
|
||||
allow 129.97.134.0/24;
|
||||
allow 129.97.31.128/26;
|
||||
allow 2620:101:f000:4901::/64;
|
||||
allow 2620:101:f000:4902::/64;
|
||||
deny all;
|
||||
}
|
||||
|
||||
# Statistics
|
||||
location ~ /stats/(?<ndpath>.*) {
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_set_header X-Forwarded-Server $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_pass http://[::1]:19999/$ndpath$is_args$args;
|
||||
proxy_http_version 1.1;
|
||||
proxy_pass_request_headers on;
|
||||
proxy_set_header Connection "keep-alive";
|
||||
proxy_store off;
|
||||
}
|
||||
|
||||
location = /stats {
|
||||
return 301 /stats/;
|
||||
}
|
||||
|
||||
# On behalf of WiCS, redirect all files
|
||||
# from sarah_sharp to sage_sharp
|
||||
location ~ /wics/sarah_sharp_(?<file>.*) {
|
||||
return 301 /wics/sage_sharp_$file;
|
||||
}
|
||||
|
||||
# Ceph has a special access log
|
||||
location /ceph {
|
||||
access_log /var/log/nginx/access.ceph.log;
|
||||
}
|
||||
|
||||
# Removed projects
|
||||
location ^~ /kali {return 410;}
|
||||
location ^~ /kali-images {return 410;}
|
||||
location ^~ /hyperbola {return 410;}
|
|
@ -0,0 +1,11 @@
|
|||
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
ssl_dhparam /etc/ssl/private/dhparam.pem;
|
||||
ssl_session_tickets off;
|
||||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
resolver 129.97.134.4 129.97.18.20 [2620:101:f000:4901:c5c::4] [2620:101:f000:7300:c5c::20] valid=300s;
|
||||
resolver_timeout 5s;
|
||||
ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;
|
|
@ -0,0 +1,13 @@
|
|||
server_name ca.releases.ubuntu.com;
|
||||
|
||||
root /mirror/root/ubuntu-releases;
|
||||
index index.html;
|
||||
|
||||
|
||||
location / {
|
||||
# First attempt to serve request as file, then
|
||||
# as directory, then fall back to displaying a 404.
|
||||
try_files $uri $uri/ =404;
|
||||
autoindex on;
|
||||
autoindex_exact_size off;
|
||||
}
|
|
@ -0,0 +1,89 @@
|
|||
|
||||
types {
|
||||
text/html html htm shtml;
|
||||
text/css css;
|
||||
text/xml xml;
|
||||
image/gif gif;
|
||||
image/jpeg jpeg jpg;
|
||||
application/javascript js;
|
||||
application/atom+xml atom;
|
||||
application/rss+xml rss;
|
||||
|
||||
text/mathml mml;
|
||||
text/plain txt;
|
||||
text/vnd.sun.j2me.app-descriptor jad;
|
||||
text/vnd.wap.wml wml;
|
||||
text/x-component htc;
|
||||
|
||||
image/png png;
|
||||
image/tiff tif tiff;
|
||||
image/vnd.wap.wbmp wbmp;
|
||||
image/x-icon ico;
|
||||
image/x-jng jng;
|
||||
image/x-ms-bmp bmp;
|
||||
image/svg+xml svg svgz;
|
||||
image/webp webp;
|
||||
|
||||
application/font-woff woff;
|
||||
application/java-archive jar war ear;
|
||||
application/json json;
|
||||
application/mac-binhex40 hqx;
|
||||
application/msword doc;
|
||||
application/pdf pdf;
|
||||
application/postscript ps eps ai;
|
||||
application/rtf rtf;
|
||||
application/vnd.apple.mpegurl m3u8;
|
||||
application/vnd.ms-excel xls;
|
||||
application/vnd.ms-fontobject eot;
|
||||
application/vnd.ms-powerpoint ppt;
|
||||
application/vnd.wap.wmlc wmlc;
|
||||
application/vnd.google-earth.kml+xml kml;
|
||||
application/vnd.google-earth.kmz kmz;
|
||||
application/x-7z-compressed 7z;
|
||||
application/x-cocoa cco;
|
||||
application/x-java-archive-diff jardiff;
|
||||
application/x-java-jnlp-file jnlp;
|
||||
application/x-makeself run;
|
||||
application/x-perl pl pm;
|
||||
application/x-pilot prc pdb;
|
||||
application/x-rar-compressed rar;
|
||||
application/x-redhat-package-manager rpm;
|
||||
application/x-sea sea;
|
||||
application/x-shockwave-flash swf;
|
||||
application/x-stuffit sit;
|
||||
application/x-tcl tcl tk;
|
||||
application/x-x509-ca-cert der pem crt;
|
||||
application/x-xpinstall xpi;
|
||||
application/xhtml+xml xhtml;
|
||||
application/xspf+xml xspf;
|
||||
application/zip zip;
|
||||
|
||||
application/octet-stream bin exe dll;
|
||||
application/octet-stream deb;
|
||||
application/octet-stream dmg;
|
||||
application/octet-stream iso img;
|
||||
application/octet-stream msi msp msm;
|
||||
|
||||
application/vnd.openxmlformats-officedocument.wordprocessingml.document docx;
|
||||
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx;
|
||||
application/vnd.openxmlformats-officedocument.presentationml.presentation pptx;
|
||||
|
||||
audio/midi mid midi kar;
|
||||
audio/mpeg mp3;
|
||||
audio/ogg ogg;
|
||||
audio/x-m4a m4a;
|
||||
audio/x-realaudio ra;
|
||||
|
||||
video/3gpp 3gpp 3gp;
|
||||
video/mp2t ts;
|
||||
video/mp4 mp4;
|
||||
video/mpeg mpeg mpg;
|
||||
video/quicktime mov;
|
||||
video/webm webm;
|
||||
video/x-flv flv;
|
||||
video/x-m4v m4v;
|
||||
video/x-mng mng;
|
||||
video/x-ms-asf asx asf;
|
||||
video/x-ms-wmv wmv;
|
||||
video/x-msvideo avi;
|
||||
}
|
|
@ -0,0 +1,101 @@
|
|||
user www-data;
|
||||
worker_processes 17;
|
||||
pid /run/nginx.pid;
|
||||
|
||||
events {
|
||||
worker_connections 1024;
|
||||
multi_accept on;
|
||||
use epoll;
|
||||
}
|
||||
|
||||
http {
|
||||
|
||||
##
|
||||
# Basic Settings
|
||||
##
|
||||
|
||||
sendfile on;
|
||||
sendfile_max_chunk 1m;
|
||||
|
||||
tcp_nopush on;
|
||||
tcp_nodelay on;
|
||||
keepalive_timeout 65;
|
||||
types_hash_max_size 2048;
|
||||
# server_tokens off;
|
||||
|
||||
# server_names_hash_bucket_size 64;
|
||||
# server_name_in_redirect off;
|
||||
|
||||
include /etc/nginx/mime.types;
|
||||
default_type text/plain;
|
||||
|
||||
##
|
||||
# SSL Settings
|
||||
##
|
||||
|
||||
ssl_protocols TLSv1.2; # Dropping SSLv3, ref: POODLE
|
||||
ssl_prefer_server_ciphers on;
|
||||
|
||||
##
|
||||
# Logging Settings
|
||||
##
|
||||
|
||||
access_log /var/log/nginx/access.log;
|
||||
error_log /var/log/nginx/error.log;
|
||||
|
||||
##
|
||||
# Gzip Settings
|
||||
##
|
||||
|
||||
gzip on;
|
||||
gzip_disable "msie6";
|
||||
|
||||
# gzip_vary on;
|
||||
# gzip_proxied any;
|
||||
# gzip_comp_level 6;
|
||||
# gzip_buffers 16 8k;
|
||||
# gzip_http_version 1.1;
|
||||
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
|
||||
|
||||
##
|
||||
# Open File Cache
|
||||
#
|
||||
open_file_cache max=2000 inactive=20s;
|
||||
open_file_cache_valid 60s;
|
||||
open_file_cache_min_uses 5;
|
||||
open_file_cache_errors off;
|
||||
|
||||
##
|
||||
# File
|
||||
##
|
||||
output_buffers 1 1m;
|
||||
|
||||
##
|
||||
# Virtual Host Configs
|
||||
##
|
||||
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
include /etc/nginx/sites-enabled/*;
|
||||
}
|
||||
|
||||
|
||||
#mail {
|
||||
# # See sample authentication script at:
|
||||
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
|
||||
#
|
||||
# # auth_http localhost/auth.php;
|
||||
# # pop3_capabilities "TOP" "USER";
|
||||
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
|
||||
#
|
||||
# server {
|
||||
# listen localhost:110;
|
||||
# protocol pop3;
|
||||
# proxy on;
|
||||
# }
|
||||
#
|
||||
# server {
|
||||
# listen localhost:143;
|
||||
# protocol imap;
|
||||
# proxy on;
|
||||
# }
|
||||
#}
|
|
@ -0,0 +1,17 @@
|
|||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
|
||||
include includes/csc-debian.conf;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
|
||||
ssl_certificate /etc/ssl/private/csclub-wildcard-chain.crt;
|
||||
ssl_certificate_key /etc/ssl/private/csclub-wildcard.key;
|
||||
include includes/ssl.conf;
|
||||
|
||||
include includes/csc-debian.conf;
|
||||
}
|
|
@ -0,0 +1,80 @@
|
|||
##
|
||||
# You should look at the following URL's in order to grasp a solid understanding
|
||||
# of Nginx configuration files in order to fully unleash the power of Nginx.
|
||||
# http://wiki.nginx.org/Pitfalls
|
||||
# http://wiki.nginx.org/QuickStart
|
||||
# http://wiki.nginx.org/Configuration
|
||||
#
|
||||
# Generally, you will want to move this file somewhere, and start with a clean
|
||||
# file but keep this around for reference. Or just disable in sites-enabled.
|
||||
#
|
||||
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
|
||||
##
|
||||
|
||||
# Default server configuration
|
||||
#
|
||||
server {
|
||||
listen 80 default_server;
|
||||
listen [::]:80 default_server;
|
||||
|
||||
# SSL configuration
|
||||
#
|
||||
# listen 443 ssl default_server;
|
||||
# listen [::]:443 ssl default_server;
|
||||
#
|
||||
# Self signed certs generated by the ssl-cert package
|
||||
# Don't use them in a production server!
|
||||
#
|
||||
# include snippets/snakeoil.conf;
|
||||
|
||||
root /var/www/html;
|
||||
|
||||
# Add index.php to the list if you are using PHP
|
||||
index index.html index.htm index.nginx-debian.html;
|
||||
|
||||
server_name _;
|
||||
|
||||
location / {
|
||||
# First attempt to serve request as file, then
|
||||
# as directory, then fall back to displaying a 404.
|
||||
try_files $uri $uri/ =404;
|
||||
}
|
||||
|
||||
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
|
||||
#
|
||||
#location ~ \.php$ {
|
||||
# include snippets/fastcgi-php.conf;
|
||||
#
|
||||
# # With php5-cgi alone:
|
||||
# fastcgi_pass 127.0.0.1:9000;
|
||||
# # With php5-fpm:
|
||||
# fastcgi_pass unix:/var/run/php5-fpm.sock;
|
||||
#}
|
||||
|
||||
# deny access to .htaccess files, if Apache's document root
|
||||
# concurs with nginx's one
|
||||
#
|
||||
#location ~ /\.ht {
|
||||
# deny all;
|
||||
#}
|
||||
}
|
||||
|
||||
|
||||
# Virtual Host configuration for example.com
|
||||
#
|
||||
# You can move that to a different file under sites-available/ and symlink that
|
||||
# to sites-enabled/ to enable it.
|
||||
#
|
||||
#server {
|
||||
# listen 80;
|
||||
# listen [::]:80;
|
||||
#
|
||||
# server_name example.com;
|
||||
#
|
||||
# root /var/www/example.com;
|
||||
# index index.html;
|
||||
#
|
||||
# location / {
|
||||
# try_files $uri $uri/ =404;
|
||||
# }
|
||||
#}
|
|
@ -0,0 +1,91 @@
|
|||
##
|
||||
# You should look at the following URL's in order to grasp a solid understanding
|
||||
# of Nginx configuration files in order to fully unleash the power of Nginx.
|
||||
# https://www.nginx.com/resources/wiki/start/
|
||||
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
|
||||
# https://wiki.debian.org/Nginx/DirectoryStructure
|
||||
#
|
||||
# In most cases, administrators will remove this file from sites-enabled/ and
|
||||
# leave it as reference inside of sites-available where it will continue to be
|
||||
# updated by the nginx packaging team.
|
||||
#
|
||||
# This file will automatically load configuration files provided by other
|
||||
# applications, such as Drupal or Wordpress. These applications will be made
|
||||
# available underneath a path with that package name, such as /drupal8.
|
||||
#
|
||||
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
|
||||
##
|
||||
|
||||
# Default server configuration
|
||||
#
|
||||
server {
|
||||
listen 80 default_server;
|
||||
listen [::]:80 default_server;
|
||||
|
||||
# SSL configuration
|
||||
#
|
||||
# listen 443 ssl default_server;
|
||||
# listen [::]:443 ssl default_server;
|
||||
#
|
||||
# Note: You should disable gzip for SSL traffic.
|
||||
# See: https://bugs.debian.org/773332
|
||||
#
|
||||
# Read up on ssl_ciphers to ensure a secure configuration.
|
||||
# See: https://bugs.debian.org/765782
|
||||
#
|
||||
# Self signed certs generated by the ssl-cert package
|
||||
# Don't use them in a production server!
|
||||
#
|
||||
# include snippets/snakeoil.conf;
|
||||
|
||||
root /var/www/html;
|
||||
|
||||
# Add index.php to the list if you are using PHP
|
||||
index index.html index.htm index.nginx-debian.html;
|
||||
|
||||
server_name _;
|
||||
|
||||
location / {
|
||||
# First attempt to serve request as file, then
|
||||
# as directory, then fall back to displaying a 404.
|
||||
try_files $uri $uri/ =404;
|
||||
}
|
||||
|
||||
# pass PHP scripts to FastCGI server
|
||||
#
|
||||
#location ~ \.php$ {
|
||||
# include snippets/fastcgi-php.conf;
|
||||
#
|
||||
# # With php-fpm (or other unix sockets):
|
||||
# fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
|
||||
# # With php-cgi (or other tcp sockets):
|
||||
# fastcgi_pass 127.0.0.1:9000;
|
||||
#}
|
||||
|
||||
# deny access to .htaccess files, if Apache's document root
|
||||
# concurs with nginx's one
|
||||
#
|
||||
#location ~ /\.ht {
|
||||
# deny all;
|
||||
#}
|
||||
}
|
||||
|
||||
|
||||
# Virtual Host configuration for example.com
|
||||
#
|
||||
# You can move that to a different file under sites-available/ and symlink that
|
||||
# to sites-enabled/ to enable it.
|
||||
#
|
||||
#server {
|
||||
# listen 80;
|
||||
# listen [::]:80;
|
||||
#
|
||||
# server_name example.com;
|
||||
#
|
||||
# root /var/www/example.com;
|
||||
# index index.html;
|
||||
#
|
||||
# location / {
|
||||
# try_files $uri $uri/ =404;
|
||||
# }
|
||||
#}
|
|
@ -0,0 +1,44 @@
|
|||
server {
|
||||
listen 80 default_server reuseport;
|
||||
listen [::]:80 default_server reuseport;
|
||||
|
||||
include includes/mirror.conf;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl default_server reuseport;
|
||||
listen [::]:443 ssl default_server reuseport;
|
||||
|
||||
ssl_certificate /etc/ssl/private/csclub-wildcard-chain.crt;
|
||||
ssl_certificate_key /etc/ssl/private/csclub-wildcard.key;
|
||||
include includes/ssl.conf;
|
||||
|
||||
include includes/mirror.conf;
|
||||
}
|
||||
|
||||
# ca.releases.ubuntu.com
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
|
||||
include includes/ubuntu.conf;
|
||||
}
|
||||
|
||||
# ca.ceph.com
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
|
||||
include includes/ceph.conf;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
|
||||
ssl_certificate /etc/dehydrated/certs/ca.ceph.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/dehydrated/certs/ca.ceph.com/privkey.pem;
|
||||
include includes/ssl.conf;
|
||||
|
||||
include includes/ceph.conf;
|
||||
}
|
Loading…
Reference in New Issue