Clean up nginx dir

common/dokuwiki.conf

@@ -11,7 +11,7 @@ location ~ \.php$ {
 	fastcgi_pass unix:/run/php/php7.4-fpm.sock;
 	fastcgi_index index.php;
 	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-	include /etc/nginx/fastcgi_params;
+	include /etc/nginx/snippets/fastcgi_params;
 }
 
 location ~ /(data|conf|bin|inc|vendor)/ {

common/freshrss.conf

@@ -16,7 +16,7 @@ location ~ ^.+?\.php(/.*)?$ {
 	# https://trac.nginx.org/nginx/ticket/321
 	set $path_info $fastcgi_path_info;
 	fastcgi_param PATH_INFO $path_info;
-	include fastcgi_params;
+	include snippets/fastcgi_params;
 	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 }
 

common/mail.conf

@@ -27,17 +27,17 @@ location ^~ /new-admin {
 }
 
 location / {
-	include uwsgi_params;
+	include snippets/uwsgi_params;
 	uwsgi_param UWSGI_SCRIPT instance.wsgi:application;
 	uwsgi_pass modoboa;
 }
 
 location ~* ^/autodiscover/autodiscover.xml {
-	include uwsgi_params;
+	include snippets/uwsgi_params;
 	uwsgi_pass automx;
 }
 location /mobileconfig {
-	include uwsgi_params;
+	include snippets/uwsgi_params;
 	uwsgi_pass automx;
 }
 

common/nextcloud.conf

@@ -103,7 +103,7 @@ location ~ \.php(?:$|/) {
 
 	try_files $fastcgi_script_name =404;
 
-	include fastcgi_params;
+	include snippets/fastcgi_params;
 	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 	fastcgi_param PATH_INFO $path_info;
 	fastcgi_param HTTPS on;

common/privatebin.conf

@@ -11,5 +11,5 @@ location ~ \.php$ {
 	fastcgi_pass unix:/run/php/php7.4-fpm.sock;
 	fastcgi_index index.php;
 	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-	include /etc/nginx/fastcgi_params;
+	include /etc/nginx/snippets/fastcgi_params;
 }

common/roundcube.conf

@@ -9,7 +9,7 @@ location / {
 location ~ \.php(?:$|/) {
 	try_files $uri = 404;
 	fastcgi_split_path_info ^(.+\.php)(/.+)$;
-	include fastcgi_params;
+	include snippets/fastcgi_params;
 	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 	fastcgi_param PATH_INFO $fastcgi_path_info;
 	fastcgi_param HTTPS on;

common/searxng.conf

@@ -3,7 +3,7 @@ location / {
 
     uwsgi_pass 192.168.122.53:5003;
 
-    include uwsgi_params;
+    include snippets/uwsgi_params;
 
     uwsgi_param    HTTP_HOST             $host;
     uwsgi_param    HTTP_CONNECTION       $http_connection;

common/website.conf

@@ -40,7 +40,7 @@ location /errors/.* {
 location ~ \.php$ {
 	try_files $uri =404;
 	#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
-	include fastcgi.conf;
+	include snippets/fastcgi.conf;
 	fastcgi_pass unix:/run/php/php7.4-fpm.sock;
 	fastcgi_buffers 16 16k;
 	fastcgi_buffer_size 32k;

common/wiby.conf

@@ -44,8 +44,20 @@ location / {
 location ~ \.php$ {
 #	try_files $url = 404;
 	fastcgi_split_path_info ^(.+\.php)(/.+)$;
-	include snippets/fastcgi-php.conf;
-	include fastcgi_params;
+# regex to split $uri to $fastcgi_script_name and $fastcgi_path
+fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+
+# Check that the PHP script exists before passing it
+try_files $fastcgi_script_name =404;
+
+# Bypass the fact that try_files resets $fastcgi_path_info
+# see: http://trac.nginx.org/nginx/ticket/321
+set $path_info $fastcgi_path_info;
+fastcgi_param PATH_INFO $path_info;
+
+fastcgi_index index.php;
+include snippets/fastcgi.conf;
+	include snippets/fastcgi_params;
 #
 #	# With php-fpm (or other unix sockets):
 	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

conf.d/autoconfig.vern.cc.conf

@@ -13,7 +13,7 @@ server {
 	error_log /var/log/nginx/autoconfig.vern.cc-error.log;
 
 	location /mail/config-v1.1.xml {
-		include uwsgi_params;
+		include snippets/uwsgi_params;
 		uwsgi_pass automx;
 	}
 }

default.apps-available/morty.conf

@@ -1,11 +0,0 @@
-# https://example.org/morty
-
-location /morty {
-	proxy_pass         http://127.0.0.1:3000/;
-
-	proxy_set_header   Host             $host;
-	proxy_set_header   Connection       $http_connection;
-	proxy_set_header   X-Real-IP        $remote_addr;
-	proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
-	proxy_set_header   X-Scheme         $scheme;
-}

default.apps-available/searxng.conf

@@ -1,16 +0,0 @@
-# https://example.org/searx
-
-location /searx {
-	proxy_pass         http://127.0.0.1:4004/;
-
-	proxy_set_header   Host             $host;
-	proxy_set_header   Connection       $http_connection;
-	proxy_set_header   X-Real-IP        $remote_addr;
-	proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
-	proxy_set_header   X-Scheme         $scheme;
-	proxy_set_header   X-Script-Name    /;
-}
-
-location /searx/static/ {
-	alias /usr/local/searx/searx-src/searx/static/;
-}

default.d/morty.conf

@@ -1 +0,0 @@
-/etc/nginx/default.apps-available/morty.conf

default.d/searxng.conf

@@ -1 +0,0 @@
-/etc/nginx/default.apps-available/searxng.conf

dhparam.pem

@@ -1,13 +0,0 @@
------BEGIN DH PARAMETERS-----
-MIICCAKCAgEAuS47EwdD9aegi3le7HT6v6a6TiYAe8l2G0AQTdxNqAqAJF/bM9Qy
-q6ZHpvI3hZZ5fLJ2yf7lrCxKKCxHsSSUoKc7+DMHrUZsmXyMHnCK/oGerNicR5MN
-pU0d+X4Rub+CgSARazispPDqjdBNLavhEMDIvoDJm2frjq3h0qgdWKI6HKwGzWG6
-DwgSgUhN04xqF1HXpolwv+u9svdj/B9CcAyzEupdAJ5q5ehjKZaV4tid0zAlG8/2
-ecA4XR8VlaYzXKDraQbfZuolOOCwpX47NsG4JwTEYVmE+V5jVa1BgOGxyhxEq9Kr
-svIj6WF6wgtMmgMMIdK9RaWSie65hoxtvRCDwxr6HpocO1P5oaIpdNdgKbupEumi
-ywDLz5wKCtcJ+JQfPX9LpXS/uiDutZxkFuMzHhq0Rkv2r6eRlc9UL9hJLS9iKp1y
-3pzbAY7EUDbOrqLzIjKV6CHSMvCeUCQq5A23mTATK5bQt8d3QDzX/xGFEU4omm47
-xnBql1FX+MX3XGfonBsY6CxML9HLqZXPJZViazdHLj4HOJ4ZTQRazyxsqnizotkA
-+Ttqo9w748X2P08jfxFbhkm+4gH8yHWoGfPw7nL/5E3jXVGNaRl5J196RFK5b9el
-CeUu/rLig70EWJaLQ692qu/bG7VV87t/z1or83LLpEQTQmWGtz28NvsCAQI=
------END DH PARAMETERS-----

include.d/generic_worker.conf

@@ -1,332 +0,0 @@
-# Generic Worker
-#
-# note:
-# http://localhost:8083  -> matrix-synchrotron-balancer
-# generic_worker_lc      -> upstream_proxy (least_conn)
-# generic_worker_ih      -> upstream_proxy (ip_hash)
-#
-
-## Sync requests
-location ~ ^/_matrix/client/(r0|v3)/sync$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://localhost:8083;
-}
-
-location ~ ^/_matrix/client/(api/v1|r0|v3)/events$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(api/v1|r0|v3)/initialSync$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://localhost:8083;
-}
-
-location ~ ^/_matrix/client/(api/v1|r0|v3)/rooms/[^/]+/initialSync$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://localhost:8083;
-}
-
-
-## Federation requests
-location ~ ^/_matrix/federation/v1/event/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/federation/v1/state/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/federation/v1/state_ids/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/federation/v1/backfill/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/federation/v1/get_missing_events/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/federation/v1/publicRooms {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/federation/v1/query/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/federation/v1/make_join/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/federation/v1/make_leave/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/federation/(v1|v2)/send_join/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/federation/(v1|v2)/send_leave/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/federation/(v1|v2)/invite/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/federation/v1/event_auth/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/federation/v1/exchange_third_party_invite/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/federation/v1/user/devices/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/federation/v1/get_groups_publicised$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/key/v2/query {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/federation/(v1|unstable/org.matrix.msc2946)/hierarchy/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-
-## Inbound federation transaction request
-location ~ ^/_matrix/federation/v1/send/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_ih;
-}
-
-
-## Client API requests
-location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/createRoom$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/publicRooms$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/joined_members$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/context/.*$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/members$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(v1|unstable/org.matrix.msc2946)/rooms/.*/hierarchy$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(r0|v3|unstable)/account/3pid$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(r0|v3|unstable)/devices$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/versions$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/voip/turnServer$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(r0|v3|unstable)/joined_groups$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(r0|v3|unstable)/publicised_groups$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(r0|v3|unstable)/publicised_groups/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/event/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/joined_rooms$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/search$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-
-## Encryption requests
-location ~ ^/_matrix/client/(r0|v3|unstable)/keys/query$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(r0|v3|unstable)/keys/changes$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(r0|v3|unstable)/keys/claim$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(r0|v3|unstable)/room_keys/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-
-## Registration/login requests
-location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/login$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(r0|v3|unstable)/register$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/v1/register/m.login.registration_token/validity$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-
-# STREAM WRITERS
-## Event sending requests
-location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/redact {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/send {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/state/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/(join|invite|leave|ban|unban|kick)$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/join/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/profile/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://generic_worker_lc;
-}
-
-## Typing
-location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/rooms/.*/typing {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://additional;
-}
-
-## Device requests
-location ~ ^/_matrix/client/(r0|v3|unstable)/sendToDevice/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://additional;
-}
-
-## Account data requests
-location ~ ^/_matrix/client/(r0|v3|unstable)/.*/tags {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://additional;
-}
-
-location ~ ^/_matrix/client/(r0|v3|unstable)/.*/account_data {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://additional;
-}
-
-## Receipts requests
-location ~ ^/_matrix/client/(r0|v3|unstable)/rooms/.*/receipt {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://additional;
-}
-
-location ~ ^/_matrix/client/(r0|v3|unstable)/rooms/.*/read_markers {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://additional;
-}
-
-## Presence requests
-location ~ ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://presence;
-}
-

include.d/synapse-admin.conf

@@ -1,21 +0,0 @@
-location ~ ^/_synapse/admin/v1/users/@(mjolnir|root):vern.cc/admin$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://localhost:8008;
-}
-location ~ ^/_synapse/admin/v1/whois/@(mjolnir|root):vern.cc$ {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://localhost:8008;
-}
-
-location ~ ^/_synapse/admin/v1/deactivate {
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://localhost:8008;
-}
-
-location ~ ^/_synapse/admin {
-	allow 127.0.0.1;
-	deny all;
-	include include.d/synapse-proxy.conf;
-	proxy_pass http://localhost:8008;
-}
-

include.d/synapse-proxy.conf

@@ -1,15 +0,0 @@
-proxy_set_header Host $http_host;
-proxy_set_header X-Real-IP $remote_addr;
-proxy_set_header X-Forwarded-For $remote_addr;
-proxy_set_header X-Forwarded-Proto $scheme;
-
-port_in_redirect    off;
-proxy_redirect      off;
-proxy_connect_timeout 3600;
-proxy_read_timeout 3600;
-proxy_send_timeout 3600;
-
-proxy_buffering    off;
-proxy_buffers 8 16k;
-proxy_buffer_size 32k;
-

include.d/upstream_workers.conf

@@ -1,26 +0,0 @@
-upstream generic_worker_ih {
-	ip_hash;
-	server localhost:8510;
-	server localhost:8511;
-	server localhost:8512;
-	server localhost:8513;
-}
-
-upstream generic_worker_lc {
-	least_conn;
-	server localhost:8510;
-	server localhost:8511;
-	server localhost:8512;
-	server localhost:8513;
-}
-
-upstream additional {
-	least_conn;
-	server localhost:8514;
-}
-
-upstream presence {
-	least_conn;
-	server localhost:8516;
-}
-

nginx.conf

@@ -13,7 +13,7 @@ http {
 	tcp_nopush on;
 	types_hash_max_size 2048;
 	server_names_hash_bucket_size 256;
-	include /etc/nginx/mime.types;
+	include /etc/nginx/snippets/mime.types;
 	default_type application/octet-stream;
 	# SSL Settings
 	ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
@@ -30,5 +30,4 @@ http {
 	# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
 	# Virtual Host Configs
 	include /etc/nginx/conf.d/*.conf;
-	include /etc/nginx/sites-enabled/*;
 }

snippets/fastcgi-php.conf

@@ -1,13 +0,0 @@
-# regex to split $uri to $fastcgi_script_name and $fastcgi_path
-fastcgi_split_path_info ^(.+?\.php)(/.*)$;
-
-# Check that the PHP script exists before passing it
-try_files $fastcgi_script_name =404;
-
-# Bypass the fact that try_files resets $fastcgi_path_info
-# see: http://trac.nginx.org/nginx/ticket/321
-set $path_info $fastcgi_path_info;
-fastcgi_param PATH_INFO $path_info;
-
-fastcgi_index index.php;
-include fastcgi.conf;