From 032fe88dc34b8b244f83aa15ab398a7c60c0f8e4 Mon Sep 17 00:00:00 2001
From: root <mixuan121@gmail.com>
Date: Tue, 13 Sep 2022 12:40:25 +0000
Subject: [PATCH] update

---
 nginx/arm.stpl       | 74 ++++++++++++++++++++++++++++++++++++++++++++
 nginx/arm.tpl        | 39 +++++++++++++++++++++++
 nginx/cloudreve.stpl | 46 +++++++++++++++++++++++++++
 nginx/cloudreve.tpl  | 43 +++++++++++++++++++++++++
 4 files changed, 202 insertions(+)
 create mode 100644 nginx/arm.stpl
 create mode 100644 nginx/arm.tpl
 create mode 100644 nginx/cloudreve.stpl
 create mode 100644 nginx/cloudreve.tpl

diff --git a/nginx/arm.stpl b/nginx/arm.stpl
new file mode 100644
index 0000000..63e2ba7
--- /dev/null
+++ b/nginx/arm.stpl
@@ -0,0 +1,74 @@
+#=========================================================================#
+# Default Web Domain Template                                             #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS   #
+# https://docs.hestiacp.com/admin_docs/web.html#how-do-web-templates-work #
+#=========================================================================#
+
+upstream portainer {
+  server 127.0.1.1:9090;
+}
+
+map $http_upgrade $connection_upgrade {
+  default upgrade;
+  '' close;
+}
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    ssl_stapling on;
+    ssl_stapling_verify on;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
+
+    location / {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+        location ~* ^.+\.(%proxy_extensions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+location /portainer/ {
+    proxy_http_version 1.1;
+    proxy_set_header Host              $http_host;   # required for docker client's sake
+    proxy_set_header X-Real-IP         $remote_addr; # pass on real client's IP
+    proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_read_timeout                 900;
+
+    proxy_set_header Connection "";
+    proxy_buffers 32 4k;
+    proxy_pass https://portainer/;
+  }
+
+  location /portainer/api/websocket/ {
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection $connection_upgrade;
+    proxy_pass https://portainer/api/websocket/;
+  }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      https://%ip%:%web_ssl_port%;
+    }
+
+    location ~ /\.(?!well-known\/|file) {
+       deny all; 
+       return 404;
+    }
+
+    proxy_hide_header Upgrade;
+
+    include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
+}
+
diff --git a/nginx/arm.tpl b/nginx/arm.tpl
new file mode 100644
index 0000000..d657828
--- /dev/null
+++ b/nginx/arm.tpl
@@ -0,0 +1,39 @@
+#=========================================================================#
+# Default Web Domain Template                                             #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS   #
+# https://docs.hestiacp.com/admin_docs/web.html#how-do-web-templates-work #
+#=========================================================================#
+
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+        
+    include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extensions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.(?!well-known\/|file) {
+       deny all; 
+       return 404;
+    }
+
+    include %home%/%user%/conf/web/%domain%/nginx.conf_*;
+}
+
diff --git a/nginx/cloudreve.stpl b/nginx/cloudreve.stpl
new file mode 100644
index 0000000..548bfe6
--- /dev/null
+++ b/nginx/cloudreve.stpl
@@ -0,0 +1,46 @@
+#=======================================================================#
+# Default Web Domain Template                                           #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
+#=======================================================================#
+
+
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    listen      [::]:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    ssl_stapling on;
+    ssl_stapling_verify on;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
+
+    location / {
+        proxy_pass      http://127.0.1.1:5212;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+#            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://127.0.1.1:5212;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
+}
+
diff --git a/nginx/cloudreve.tpl b/nginx/cloudreve.tpl
new file mode 100644
index 0000000..31d1673
--- /dev/null
+++ b/nginx/cloudreve.tpl
@@ -0,0 +1,43 @@
+#=======================================================================#
+# Default Web Domain Template                                           #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
+#=======================================================================#
+
+
+server {
+    listen      %ip%:%proxy_port% ;
+    listen      [::]:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*;
+
+    location / {
+        proxy_pass      http://127.0.0.1:8010;
+        location ~* ^.+\.(%proxy_extentions%)$ {
+            root           %sdocroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://127.0.0.1:8010;
+    }
+
+    location ~ /\.ht    {return 404;}
+    location ~ /\.svn/  {return 404;}
+    location ~ /\.git/  {return 404;}
+    location ~ /\.hg/   {return 404;}
+    location ~ /\.bzr/  {return 404;}
+
+    include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
+}
+