From 7581a3b64918822a98c58eac3775bdefdb83eeb4 Mon Sep 17 00:00:00 2001 From: Jonathan Hodgson Date: Mon, 13 Jun 2022 11:13:43 +0100 Subject: [PATCH] Updates nginx config Now, rather than urls of the form: domain.com/blog/something.html my website has urls of the form domain.com/blog/something/ Inside the something folder, there are gmi, html and md index files. Nginx will try to serve an appropriate file based on the requested content type. Gemini will also use the same folder structure, serving the gmi file. --- nginx/default.conf | 57 ++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 55 insertions(+), 2 deletions(-) diff --git a/nginx/default.conf b/nginx/default.conf index 51468f3..ffcc557 100644 --- a/nginx/default.conf +++ b/nginx/default.conf @@ -1,11 +1,64 @@ +include mime.types + +types { + text/markdown md; +} + + +map $http_accept $file_suffix { + default "html"; + ~*pdf "pdf"; + ~*md "md"; + ~*markdown "md"; + ~*html "html"; + ~*gemini "gmi"; +} + server { listen 80; server_name localhost; - #charset koi8-r; - #access_log /var/log/nginx/host.access.log main; + + add_header X-Content-Type-Options "nosniff" always; + add_header Content-Security-Policy "default-src 'none'; img-src 'self'; style-src 'self' https://commento.jonathanh.co.uk; script-src https://commento.jonathanh.co.uk; connect-src ws://commento.jonathanh.co.uk https://commento.jonathanh.co.uk;" always; + add_header Referrer-Policy "no-referrer" always; + add_header Permissions-Policy "accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), serial=(), sync-script=(), trust-token-redemption=(), vertical-scroll=(), interest-cohort=()" always; + add_header x-card "curl -L jn.hn/card" always; + server_tokens off; location / { + # Result of change from .html to / + rewrite ^/tag/zsh.html$ /tag/zsh/ permanent; + rewrite ^/tag/fzf.html$ /tag/fzf/ permanent; + rewrite ^/tag/mutt.html$ /tag/mutt/ permanent; + rewrite ^/tag/security.html$ /tag/security/ permanent; + rewrite ^/tag/firefox.html$ /tag/firefox/ permanent; + rewrite ^/tag/security_advice.html$ /tag/security/ permanent; + rewrite ^/tag/linux.html$ /tag/linux/ permanent; + rewrite ^/tag/websites.html$ /tag/websites/ permanent; + rewrite ^/tag/pentesting.html$ /tag/pentesting/ permanent; + rewrite ^/tag/vim.html$ /tag/vim/ permanent; + rewrite ^/tag/home_assistant.html$ /tag/home_assistant/ permanent; + rewrite ^/blog/freelance-business-security.html$ /blog/freelance-business-security/ permanent; + rewrite ^/blog/wordpress-username-enumeration.html$ /blog/wordpress-username-enumeration/ permanent; + rewrite ^/blog/mutt-setup.html$ /blog/mutt-setup/ permanent; + rewrite ^/blog/building-a-zsh-prompt.html$ /blog/building-a-zsh-prompt/ permanent; + rewrite ^/blog/exchange-mutt.html$ /blog/exchange-mutt/ permanent; + rewrite ^/blog/fuzzy-search-hashcat-modes.html$ /blog/fuzzy-search-hashcat-modes/ permanent; + rewrite ^/blog/tools-that-make-my-life-easier.html$ /blog/tools-that-make-my-life-easier/ permanent; + rewrite ^/blog/outlook-mutt.html$ /blog/outlook-mutt/ permanent; + rewrite ^/blog/upgrading-reverse-shells.html$ /blog/upgrading-reverse-shells/ permanent; + rewrite ^/blog/current-word-completion.html$ /blog/current-word-completion/ permanent; + rewrite ^/blog/keyboard-driven-firefox.html$ /blog/keyboard-driven-firefox/ permanent; + rewrite ^/blog/why-i-made-the-switch-to-zsh.html$ /blog/why-i-made-the-switch-to-zsh/ permanent; + rewrite ^/blog/starting-out-with-homeassistant.html$ /blog/starting-out-with-homeassistant/ permanent; + rewrite ^/blog/the-switch-to-zsh.html$ /blog/the-switch-to-zsh/ permanent; + rewrite ^/blog/xss-through-referer-header.html$ /blog/xss-through-referer-header/ permanent; + rewrite ^/blog/my-setup-jan-2021.html$ /blog/my-setup-jan-2021/ permanent; + rewrite ^/blog/writing-prose-in-vim.html$ /blog/writing-prose-in-vim/ permanent; + + rewrite ^/tag/security_advice/?$ /tag/security/ permanent; + root /usr/share/nginx/html; index index.html index.htm; }