Many web updates

Server/Root/etc/nginx/nginx.conf

@@ -0,0 +1,92 @@
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+include /etc/nginx/modules-enabled/*.conf;
+
+events {
+	worker_connections 768;
+	# multi_accept on;
+}
+
+http {
+	upstream php {
+		server unix:/var/run/php/php7.4-fpm.sock;
+	}
+
+	##
+	# Basic Settings
+	##
+
+	sendfile on;
+	tcp_nopush on;
+	types_hash_max_size 2048;
+	# server_tokens off;
+
+	server_names_hash_bucket_size 128;
+	map_hash_bucket_size 128;
+	# server_name_in_redirect off;
+
+	include /etc/nginx/mime.types;
+	default_type application/octet-stream;
+
+	##
+	# SSL Settings
+	##
+
+	ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
+	ssl_prefer_server_ciphers on;
+
+	##
+	# Logging Settings
+	##
+
+	access_log /var/log/nginx/access.log;
+	error_log /var/log/nginx/error.log;
+
+	##
+	# Gzip Settings
+	##
+
+	gzip on;
+
+	# gzip_vary on;
+	# gzip_proxied any;
+	# gzip_comp_level 6;
+	# gzip_buffers 16 8k;
+	# gzip_http_version 1.1;
+	# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+
+	##
+	# Virtual Host Configs
+	##
+
+	include /etc/nginx/conf.d/*.conf;
+	include /etc/nginx/sites-enabled/*;
+
+	client_max_body_size 8M;
+
+	more_clear_headers  "Server";
+	more_clear_headers  "server";
+}
+
+
+#mail {
+#	# See sample authentication script at:
+#	# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
+#
+#	# auth_http localhost/auth.php;
+#	# pop3_capabilities "TOP" "USER";
+#	# imap_capabilities "IMAP4rev1" "UIDPLUS";
+#
+#	server {
+#		listen     localhost:110;
+#		protocol   pop3;
+#		proxy      on;
+#	}
+#
+#	server {
+#		listen     localhost:143;
+#		protocol   imap;
+#		proxy      on;
+#	}
+#}

Server/Root/etc/nginx/sites-available/SpaccBBS.conf

@@ -1,11 +1,12 @@
-upstream php {
-	server unix:/var/run/php/php7.4-fpm.sock;
+map $http_host $SpaccBbsMap {
+	'bbs.spacc.eu.org' '1';
+	'bbs.spaccsoj3trhzowrrblzb5m6hgkwu6syghnmhett7gvxbrz5zhsrs4ad.onion' '2';
 }
 
 server {
 	listen 80;
 	listen 443 ssl;
-	server_name bbs.spacc.eu.org;
+	server_name bbs.spacc.eu.org bbs.spaccsoj3trhzowrrblzb5m6hgkwu6syghnmhett7gvxbrz5zhsrs4ad.onion;
 	ssl_certificate /etc/letsencrypt/live/bbs.spacc.eu.org/fullchain.pem;
 	ssl_certificate_key /etc/letsencrypt/live/bbs.spacc.eu.org/privkey.pem;
 	ssl_prefer_server_ciphers on;
@@ -72,4 +73,30 @@ server {
 		deny all;
 		internal;
 	}
+
+	location /wap {
+		rewrite ^ $scheme://$host/?style=4 redirect;
+	}
+	location /lite {
+		rewrite ^ $scheme://$host/wap redirect;
+	}
+
+	#if ($SpaccBbsMap = '1') {
+	#	location /wwwroot {
+	#		rewrite ^(.*) $scheme://hlb0.octt.eu.org/$request_uri redirect;
+	#	}
+	#}
+	#if ($SpaccBbsMap = '2') {
+	#	location /wwwroot {
+	#		rewrite ^(.*) $scheme://octt.spaccsoj3trhzowrrblzb5m6hgkwu6syghnmhett7gvxbrz5zhsrs4ad.onion/$request_uri redirect;
+	#	}
+	#}
+	location /wwwroot {
+		if ($SpaccBbsMap = '1') {
+			rewrite ^(.*) $scheme://hlb0.octt.eu.org/$request_uri redirect;
+		}
+		if ($SpaccBbsMap = '2') {
+			rewrite ^(.*) $scheme://octt.spaccsoj3trhzowrrblzb5m6hgkwu6syghnmhett7gvxbrz5zhsrs4ad.onion/$request_uri redirect;
+		}
+	}
 }

Server/Root/etc/nginx/sites-available/articles.conf

@@ -1,6 +1,7 @@
 server {
+	listen 80;
 	listen 443 ssl;
-	server_name articles.octt.eu.org;
+	server_name articles.octt.eu.org articles.spaccsoj3trhzowrrblzb5m6hgkwu6syghnmhett7gvxbrz5zhsrs4ad.onion;
 	ssl_certificate /etc/letsencrypt/live/articles.octt.eu.org/fullchain.pem;
 	ssl_certificate_key /etc/letsencrypt/live/articles.octt.eu.org/privkey.pem;
 	ssl_prefer_server_ciphers on;
@@ -16,8 +17,9 @@ server {
 }
 
 server {
+	listen 80;
 	listen 443 ssl;
-	server_name ShioriFeed.octt.eu.org;
+	server_name ShioriFeed.octt.eu.org ShioriFeed.spaccsoj3trhzowrrblzb5m6hgkwu6syghnmhett7gvxbrz5zhsrs4ad.onion;
 	ssl_certificate /etc/letsencrypt/live/shiorifeed.octt.eu.org/fullchain.pem;
 	ssl_certificate_key /etc/letsencrypt/live/shiorifeed.octt.eu.org/privkey.pem;
 	ssl_prefer_server_ciphers on;

Server/Root/etc/nginx/sites-available/feeds.conf

@@ -1,17 +1,48 @@
 server {
+	listen 80;
 	listen 443 ssl;
-	server_name feeds.octt.eu.org;
+	server_name feeds.octt.eu.org feeds.spaccsoj3trhzowrrblzb5m6hgkwu6syghnmhett7gvxbrz5zhsrs4ad.onion;
 	ssl_certificate /etc/letsencrypt/live/feeds.octt.eu.org/fullchain.pem;
 	ssl_certificate_key /etc/letsencrypt/live/feeds.octt.eu.org/privkey.pem;
 	ssl_prefer_server_ciphers on;
+
+	#location / {
+	#	proxy_http_version 1.1;
+	#	proxy_pass http://localhost:8017;
+	#	proxy_set_header X-Real-IP $remote_addr;
+	#	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+	#	proxy_set_header X-Forwarded-Proto $scheme;
+	#	proxy_set_header Upgrade $http_upgrade;
+	#	proxy_set_header Connection "upgrade";
+	#	sub_filter '</body>' '<script> function ForceUpdateFeeds(){ var Count = 0; Array.from(document.querySelectorAll(atob("KltpZF49ImZfIl0uaXRlbS5mZWVk"))).forEach(function(El){ Count++; fetch(location.origin + "/i/?c=feed&a=actualize&id=" + El.id.split("_")[1]); }); setTimeout(function(){ location.reload(); }, Count * 4000); }; </script></body>';
+	#	sub_filter '<a id="actualize"' '<a class="btn" href="#" title="Force update feeds" onclick="javascript:ForceUpdateFeeds();">Force update feeds</a><a id="actualize"';
+	#	sub_filter_once on;
+	#}
+
+	root /Server/www/FreshRSS/p;
+	index index.php index.html index.htm;
+
+	# nginx log files
+	access_log /var/log/nginx/FreshRSS.access.log;
+	error_log /var/log/nginx/FreshRSS.error.log;
+
+	# php files handling
+	# this regex is mandatory because of the API
+	location ~ ^.+?\.php(/.*)?$ {
+		fastcgi_pass php;
+		fastcgi_split_path_info ^(.+\.php)(/.*)$;
+		# By default, the variable PATH_INFO is not set under PHP-FPM
+		# But FreshRSS API greader.php need it. If you have a “Bad Request” error, double check this var!
+		# NOTE: the separate $path_info variable is required. For more details, see:
+		# https://trac.nginx.org/nginx/ticket/321
+		set $path_info $fastcgi_path_info;
+		fastcgi_param PATH_INFO $path_info;
+		include fastcgi_params;
+		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+	}
+
 	location / {
-		proxy_http_version 1.1;
-		proxy_pass http://localhost:8017;
-		proxy_set_header X-Real-IP $remote_addr;
-		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-		proxy_set_header X-Forwarded-Proto $scheme;
-		proxy_set_header Upgrade $http_upgrade;
-		proxy_set_header Connection "upgrade";
+		try_files $uri $uri/ index.php;
 		sub_filter '</body>' '<script> function ForceUpdateFeeds(){ var Count = 0; Array.from(document.querySelectorAll(atob("KltpZF49ImZfIl0uaXRlbS5mZWVk"))).forEach(function(El){ Count++; fetch(location.origin + "/i/?c=feed&a=actualize&id=" + El.id.split("_")[1]); }); setTimeout(function(){ location.reload(); }, Count * 4000); }; </script></body>';
 		sub_filter '<a id="actualize"' '<a class="btn" href="#" title="Force update feeds" onclick="javascript:ForceUpdateFeeds();">Force update feeds</a><a id="actualize"';
 		sub_filter_once on;

Server/Root/etc/nginx/sites-available/root.conf

@@ -33,6 +33,7 @@ server {
 	ssl_prefer_server_ciphers on;
 	error_page 403 = /404.html;
 	error_page 404 = /404.html;
+
 	location / {
 		root /Server/www/root;
 		if ($request_uri ~ ^([^.\?]*[^/])$) {
@@ -45,6 +46,7 @@ server {
 		#error_page 404 = /404.html;
 		#rewrite  ^/(\?.*)?$ index.html$1 permanent;
 	}
+
 	location /Drive/ {
 		root /Server/www;
 		autoindex on;
@@ -65,6 +67,7 @@ server {
 		sub_filter '<h1>Index of /Drive/' '<h1>Index of <a href="/Drive/">/Drive</a>/';
 		sub_filter_once off;
 	}
+
 	location /Drive/Telegram/ {
 		rewrite ^/Drive/Telegram/(.*)$ /$1 break;
 		proxy_http_version 1.1;
@@ -81,4 +84,8 @@ server {
 		sub_filter '<source src="/' '<source src="/Drive/Telegram/';
 		sub_filter_once off;
 	}
+
+	location /wwwroot/ {
+		rewrite ^/wwwroot/(.*)$ /$1 permanent;
+	}
 }