diff --git a/nginx/nginx.conf b/nginx/nginx.conf index 435203e..45c7409 100644 --- a/nginx/nginx.conf +++ b/nginx/nginx.conf @@ -1,282 +1,232 @@ -worker_processes 8; -worker_rlimit_nofile 65536; +worker_processes 8; +worker_rlimit_nofile 65536; events { - worker_connections 432768; ## Default: 1024 + worker_connections 432768; ## Default: 1024 } http { - log_format no_ip '$remote_user [$time_local] ' - '"$request" $status $body_bytes_sent ' - '"$http_referer" "$http_user_agent" "$gzip_ratio"'; + log_format no_ip '$remote_user [$time_local] ' + '"$request" $status $body_bytes_sent ' + '"$http_referer" "$http_user_agent" "$gzip_ratio"'; - log_format user_agent '[$time_local] ' - '"$http_referer" "$http_user_agent" "$gzip_ratio"'; + log_format user_agent '[$time_local] ' + '"$http_referer" "$http_user_agent" "$gzip_ratio"'; - include /etc/nginx/mime.types; - include /etc/nginx/proxy.conf; - include /etc/nginx/fastcgi.conf; - - upstream backend_GET { - least_conn; - #server localhost:4441; - #server localhost:4442; - #server localhost:4443; - #server localhost:4444; - #server localhost:4445; - #server localhost:4446; - #server localhost:4447; - #server localhost:4448; + include /etc/nginx/mime.types; + include /etc/nginx/proxy.conf; + include /etc/nginx/fastcgi.conf; - server 10.0.0.3:4441; - server 10.0.0.3:4442; + upstream backend_GET { + least_conn; + #server localhost:4441; + #server localhost:4442; + #server localhost:4443; + #server localhost:4444; + #server localhost:4445; + #server localhost:4446; + #server localhost:4447; + #server localhost:4448; - #server 134.209.69.251:80 backup; + server 10.0.0.3:4441; + server 10.0.0.3:4442; - server 116.203.32.253:80 backup; - #server 116.203.32.253:80; - } - upstream backend_POST { - #server localhost:4441; - #server localhost:4442; - server 10.0.0.3:4441; - #server 10.0.0.3:4442; - } - upstream backend_db { - server localhost:4441; - #server 10.0.0.3:4441; - } + #server 134.209.69.251:80 backup; - proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=CACHEZONE:10m inactive=60m max_size=400m; - proxy_cache_key "$scheme$request_method$host$request_uri"; - add_header X-Cache $upstream_cache_status; - - server { - server_name sponsor.ajay.app api.sponsor.ajay.app; - - error_page 404 /404.html; - #error_page 500 @myerrordirective_500; - #error_page 502 @myerrordirective_502; - #error_page 504 @myerrordirective_504; - #location = /404 { - # root /home/sbadmin/caddy/SponsorBlockSite/public-prod; - # internal; - #} - - #proxy_send_timeout 120s; - - #location @myerrordirective_500 { - # return 400 "Internal Server Error"; - #} - #location @myerrordirective_502 { - # return 400 "Bad Gateway"; - #} - #location @myerrordirective_504 { - # return 400 "Gateway Timeout"; - #} - - - location /news { - return 301 https://blog.ajay.app/sponsorblock; + server 116.203.32.253:80 backup; + #server 116.203.32.253:80; + } + upstream backend_POST { + #server localhost:4441; + #server localhost:4442; + server 10.0.0.3:4441; + #server 10.0.0.3:4442; + } + upstream backend_db { + server localhost:4441; + #server 10.0.0.3:4441; } - location /viewer { - return 301 https://sb.ltn.fi; - } + proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=CACHEZONE:10m inactive=60m max_size=400m; + proxy_cache_key "$scheme$request_method$host$request_uri"; + add_header X-Cache $upstream_cache_status; - location /test/ { - proxy_pass http://localhost:4440/; - #proxy_pass https://sbtest.etcinit.com/; - } + server { + server_name sponsor.ajay.app api.sponsor.ajay.app; - location /api/skipSegments { - #return 200 "[]"; - proxy_pass http://backend_$request_method; - #proxy_cache CACHEZONE; - #proxy_cache_valid 2m; + error_page 404 /404.html; + #error_page 500 @myerrordirective_500; + #error_page 502 @myerrordirective_502; + #error_page 504 @myerrordirective_504; + #location = /404 { + # root /home/sbadmin/caddy/SponsorBlockSite/public-prod; + # internal; + #} - if ($request_method = POST) { - access_log /etc/nginx/logs/submissions.log user_agent; - } - } + #proxy_send_timeout 120s; - location /api/getTopUsers { - proxy_pass http://backend_GET; - proxy_cache CACHEZONE; - proxy_cache_valid 20m; - } + #location @myerrordirective_500 { + # return 400 "Internal Server Error"; + #} + #location @myerrordirective_502 { + # return 400 "Bad Gateway"; + #} + #location @myerrordirective_504 { + # return 400 "Gateway Timeout"; + #} - location /api/getTotalStats { - proxy_pass http://backend_GET; - #return 200 ""; - } + location /news { + return 301 https://blog.ajay.app/sponsorblock; + } - - location /api/getVideoSponsorTimes { - proxy_pass http://backend_GET; - } - - location /download/ { - access_log /etc/nginx/logs/download.log no_ip; - gzip on; - gzip_types text/plain application/json; - #alias /home/sbadmin/sponsor/docker/database-export/; - alias /home/sbadmin/sponsor/docker/database-export/; - #return 307 https://cdnsponsor.ajay.app$request_uri; - } - location /database { - proxy_pass http://backend_db; - #return 200 "Disabled for load reasons"; - } - - location = /database.db { - #return 404 "Sqlite database has been replaced with csv exports at https://sponsor.ajay.app/database. Sqlite exports might come back soon, but exported at longer intervals."; - #alias /home/sbadmin/sponsor/databases/sponsorTimes.db; - alias /home/sbadmin/test-db/database.db; - } - - #location = /database/sponsorTimes.csv { - # alias /home/sbadmin/sponsorTimes.csv; - #} + location /viewer { + return 301 https://sb.ltn.fi; + } + + location /test/ { + return 404 ""; + #proxy_pass http://localhost:4440/; + #proxy_pass https://sbtest.etcinit.com/; + } + + location /api/skipSegments { + #return 200 "[]"; + proxy_pass http://backend_$request_method; + #proxy_cache CACHEZONE; + #proxy_cache_valid 2m; + + if ($request_method = POST) { + access_log /etc/nginx/logs/submissions.log user_agent; + } + } + + location /api/getTopUsers { + proxy_pass http://backend_GET; + proxy_cache CACHEZONE; + proxy_cache_valid 20m; + } + + location /api/getTotalStats { + proxy_pass http://backend_GET; + #return 200 ""; + } + + location /api/getVideoSponsorTimes { + proxy_pass http://backend_GET; + } + + location /download/ { + access_log /etc/nginx/logs/download.log no_ip; + gzip on; + gzip_types text/plain application/json; + alias /home/sbadmin/sponsor/docker/database-export/; + #return 307 https://cdnsponsor.ajay.app$request_uri; + } + location /database { + proxy_pass http://backend_db; + #return 200 "Disabled for load reasons"; + } + + location = /database.db { + return 404 "Sqlite database has been replaced with csv exports at https://sponsor.ajay.app/database. Sqlite exports might come back soon, but exported at longer intervals."; + #alias /home/sbadmin/sponsor/databases/sponsorTimes.db; + #alias /home/sbadmin/test-db/database.db; + } + + #location = /database/sponsorTimes.csv { + # alias /home/sbadmin/sponsorTimes.csv; + #} + + #location /api/voteOnSponsorTime { + # return 200 "Success"; + #} + #location /api/viewedVideoSponsorTime { + # return 200 "Success"; + #} - #location /api/voteOnSponsorTime { - # return 200 "Success"; - #} - - #location /api/viewedVideoSponsorTime { - # return 200 "Success"; - #} - - location /api { - proxy_pass http://backend_POST; - } - - location / { - root /home/sbadmin/SponsorBlockSite/public-prod; - } - - - listen 443 default_server ssl http2; # managed by Certbot - #listen 443 http3 reuseport; - #ssl_protocols TLSv1.2 TLSv1.3; - #listen 80; - ssl_certificate /etc/letsencrypt/live/sponsor.ajay.app-0003/fullchain.pem; # managed by Certbot - ssl_certificate_key /etc/letsencrypt/live/sponsor.ajay.app-0003/privkey.pem; # managed by Certbot - include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot - - - - - - - - - - - - - -} - - server { - server_name cdnsponsor.ajay.app; - - error_page 404 /404.html; - - #location /database/ { - # alias /home/sbadmin/sponsor/docker/database-export/; - #} - - location /download/ { - alias /home/sbadmin/sponsor/docker/database-export/; + location /api { + proxy_pass http://backend_POST; + } + + location / { + root /home/sbadmin/SponsorBlockSite/public-prod; + } + + listen 443 default_server ssl http2; # managed by Certbot + #listen 443 http3 reuseport; + #ssl_protocols TLSv1.2 TLSv1.3; + #listen 80; + ssl_certificate /etc/letsencrypt/live/sponsor.ajay.app-0003/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/sponsor.ajay.app-0003/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } - location / { - root /home/sbadmin/SponsorBlockSite/public-prod; - } - + server { + server_name cdnsponsor.ajay.app; + error_page 404 /404.html; - listen 443 ssl; # managed by Certbot - ssl_certificate /etc/letsencrypt/live/sponsor.ajay.app-0001/fullchain.pem; # managed by Certbot - ssl_certificate_key /etc/letsencrypt/live/sponsor.ajay.app-0001/privkey.pem; # managed by Certbot - include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + #location /database/ { + # alias /home/sbadmin/sponsor/docker/database-export/; + #} + + #location /download/ { + # alias /home/sbadmin/sponsor/docker/database-export/; + #} + + location / { + root /home/sbadmin/SponsorBlockSite/public-prod; + } -} - - - - - server { - - access_log off; - error_log /etc/nginx/logs/log.txt; - - - if ($host = api.sponsor.ajay.app) { - return 301 https://$host$request_uri; - } # managed by Certbot - - - if ($host = sponsor.ajay.app) { - return 301 https://$host$request_uri; - } # managed by Certbot - - - listen 80; - server_name sponsor.ajay.app api.sponsor.ajay.app; - return 404; # managed by Certbot - - - - -} - - server { - if ($host = cdnsponsor.ajay.app) { - return 301 https://$host$request_uri; - } # managed by Certbot - - - server_name cdnsponsor.ajay.app; - listen 80; - return 404; # managed by Certbot - - -} - - server { - server_name wiki.sponsor.ajay.app; # managed by Certbot - - location / { - proxy_pass http://10.0.0.3:8080; - } - - - listen 443 ssl http2; # managed by Certbot - #listen 443 http3 reuseport; - #ssl_protocols TLSv1.2 TLSv1.3; - #listen 80; - ssl_certificate /etc/letsencrypt/live/sponsor.ajay.app-0003/fullchain.pem; # managed by Certbot - ssl_certificate_key /etc/letsencrypt/live/sponsor.ajay.app-0003/privkey.pem; # managed by Certbot - include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot - - - - - - - - - - - - - -} - + listen 443 ssl; # managed by Certbot + ssl_certificate /etc/letsencrypt/live/sponsor.ajay.app-0001/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/sponsor.ajay.app-0001/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + } + + server { + access_log off; + error_log /etc/nginx/logs/log.txt; + + if ($host = api.sponsor.ajay.app) { + return 301 https://$host$request_uri; + } # managed by Certbot + + if ($host = sponsor.ajay.app) { + return 301 https://$host$request_uri; + } # managed by Certbot + + listen 80; + server_name sponsor.ajay.app api.sponsor.ajay.app; + return 404; # managed by Certbot + } + + server { + if ($host = cdnsponsor.ajay.app) { + return 301 https://$host$request_uri; + } # managed by Certbot + + server_name cdnsponsor.ajay.app; + listen 80; + return 404; # managed by Certbot + } + + server { + server_name wiki.sponsor.ajay.app; # managed by Certbot + location / { + proxy_pass http://10.0.0.3:8080; + } + + listen 443 ssl http2; # managed by Certbot + #listen 443 http3 reuseport; + #ssl_protocols TLSv1.2 TLSv1.3; + #listen 80; + ssl_certificate /etc/letsencrypt/live/sponsor.ajay.app-0003/fullchain.pem; # managed by Certbot + ssl_certificate_key /etc/letsencrypt/live/sponsor.ajay.app-0003/privkey.pem; # managed by Certbot + include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot + } }