From f6b44b73d1a224855df1edeadad15a432682798f Mon Sep 17 00:00:00 2001 From: root Date: Fri, 23 Jan 2026 00:02:24 +0000 Subject: [PATCH] Add config --- config | 144 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 144 insertions(+) create mode 100644 config diff --git a/config b/config new file mode 100644 index 0000000..8787f32 --- /dev/null +++ b/config @@ -0,0 +1,144 @@ +server { + listen 80; + listen [::]:80; + server_name ltrapi.top www.ltrapi.top; + root /var/www/html; + index index.php index.html index.htm; + + access_log /var/log/nginx/ltrapi.top-http-access.log; + error_log /var/log/nginx/ltrapi.top-http-error.log; + + client_max_body_size 100M; + + location ~ \.php$ { + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, PATCH, HEAD' always; + add_header 'Access-Control-Allow-Headers' '*' always; + add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always; + + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, PATCH, HEAD' always; + add_header 'Access-Control-Allow-Headers' '*' always; + add_header 'Access-Control-Max-Age' 86400 always; + add_header 'Content-Type' 'text/plain; charset=utf-8' always; + add_header 'Content-Length' 0 always; + return 204; + } + + include snippets/fastcgi-php.conf; + fastcgi_pass unix:/run/php/php8.1-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + + fastcgi_read_timeout 300; + fastcgi_send_timeout 300; + } + + + location / { + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, PATCH, HEAD' always; + add_header 'Access-Control-Allow-Headers' '*' always; + add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always; + + # Content Security Policy + add_header Content-Security-Policy "default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';" always; + + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, PATCH, HEAD' always; + add_header 'Access-Control-Allow-Headers' '*' always; + add_header 'Access-Control-Max-Age' 86400 always; + add_header 'Content-Type' 'text/plain; charset=utf-8' always; + add_header 'Content-Length' 0 always; + return 204; + } + + try_files $uri $uri/ /index.php?$query_string; + } + + location ~ /\. { + deny all; + access_log off; + log_not_found off; + } +} + + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name ltrapi.top www.ltrapi.top; + root /var/www/html; + index index.php index.html index.htm; + + ssl_certificate /etc/letsencrypt/live/ltrapi.top/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/ltrapi.top/privkey.pem; + + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers HIGH:!aNULL:!MD5; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:10m; + ssl_session_timeout 10m; + + access_log /var/log/nginx/ltrapi.top-https-access.log; + error_log /var/log/nginx/ltrapi.top-https-error.log; + + client_max_body_size 100M; + + location ~ \.php$ { + + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, PATCH, HEAD' always; + add_header 'Access-Control-Allow-Headers' '*' always; + add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always; + + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, PATCH, HEAD' always; + add_header 'Access-Control-Allow-Headers' '*' always; + add_header 'Access-Control-Max-Age' 86400 always; + add_header 'Content-Type' 'text/plain; charset=utf-8' always; + add_header 'Content-Length' 0 always; + return 204; + } + + include snippets/fastcgi-php.conf; + fastcgi_pass unix:/run/php/php8.1-fpm.sock; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + + fastcgi_read_timeout 300; + fastcgi_send_timeout 300; + } + + location / { + + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, PATCH, HEAD' always; + add_header 'Access-Control-Allow-Headers' '*' always; + add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always; + + add_header Content-Security-Policy "default-src * 'unsafe-inline' 'unsafe-eval' data: blob:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline';" always; + + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' '*' always; + add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, PATCH, HEAD' always; + add_header 'Access-Control-Allow-Headers' '*' always; + add_header 'Access-Control-Max-Age' 86400 always; + add_header 'Content-Type' 'text/plain; charset=utf-8' always; + add_header 'Content-Length' 0 always; + return 204; + } + + try_files $uri $uri/ /index.php?$query_string; + } + + location ~ /\. { + deny all; + access_log off; + log_not_found off; + } +} \ No newline at end of file