From dcf932b66d0afd2a440d9340678a08ca6b6722f0 Mon Sep 17 00:00:00 2001
From: prance <gbryk1@gmail.com>
Date: Sun, 30 Jan 2022 14:54:51 +0100
Subject: [PATCH] add initial configurations

---
 MUOR/MUOR/configs/muor.conf  | 64 ++++++++++++++++++++++++++++++++++++
 MUOR/MUOR/configs/nginx.conf | 15 +++++----
 2 files changed, 73 insertions(+), 6 deletions(-)
 create mode 100644 MUOR/MUOR/configs/muor.conf

diff --git a/MUOR/MUOR/configs/muor.conf b/MUOR/MUOR/configs/muor.conf
new file mode 100644
index 000000000..c00e813e7
--- /dev/null
+++ b/MUOR/MUOR/configs/muor.conf
@@ -0,0 +1,64 @@
+map $http_upgrade $connection_upgrade {
+        default upgrade;
+        '' close;
+}
+
+upstream django {
+    server localhost:8080;
+}
+
+server {
+    if ($host = randomsec.projektstudencki.pl) {
+        return 301 https://$host$request_uri;
+    }
+    listen 80 reuseport;
+    server_name randomsec.projektstudencki.pl
+    charset utf-8;
+    return 404;
+}
+
+# configuration of the server
+server {
+    # the port your site will be served on
+    listen  443 ssl http2 reuseport;
+    # the domain name it will serve for
+    server_name randomsec.projektstudencki.pl
+    charset utf-8;
+
+    # max upload size
+    client_max_body_size 75M;   # adjust to taste
+
+#     location /static {
+#         alias /path/to/static; #TODO add path
+#         expires 30d;
+#         access_log off;
+#         add_header Pragma public;
+#         add_header Cache-Control "public";
+#     }
+
+    error_page 500 502 503 504 404 /error.html;
+
+    location = /error.html {
+        add_header Content-Type text/html;
+        return 200 '<meta http-equiv="refresh" content="1; URL=http://randomsec.projektstudencki.pl/" />';
+    }
+
+    location /logout/ {
+        proxy_pass http://django;
+    }
+
+    # Finally, send all non-media requests to the Django server.
+    location / {
+        if ($cookie_sessionid = ""){
+            proxy_pass http://django; # TODO prolly change that to uwsgi_pass
+        }
+    }
+
+    ssl_certificate /etc/letsencrypt/live/randomsec.projektstudencki.pl/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/randomsec.projektstudencki.pl/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+
+    # add_header Strict-Transport-Security max-age=31536000;
+}
\ No newline at end of file
diff --git a/MUOR/MUOR/configs/nginx.conf b/MUOR/MUOR/configs/nginx.conf
index 905ffa997..b42d0f3a3 100644
--- a/MUOR/MUOR/configs/nginx.conf
+++ b/MUOR/MUOR/configs/nginx.conf
@@ -1,11 +1,14 @@
-worker_processes 1;
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+include /etc/nginx/modules-enabled/*.conf;
 
 events {
-	worker_connections 1024;
+	worker_connections 768;
+	# multi_accept on;
 }
 
 http {
-
 	##
 	# Basic Settings
 	##
@@ -27,8 +30,8 @@ http {
 	# SSL Settings
 	##
 
-	ssl_protocols TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
-	ssl_prefer_server_ciphers on;
+#	ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
+#	ssl_prefer_server_ciphers on;
 
 	##
 	# Logging Settings
@@ -48,7 +51,7 @@ http {
 	# gzip_comp_level 6;
 	# gzip_buffers 16 8k;
 	# gzip_http_version 1.1;
-    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+        gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
 
 
 	##