blob: 76581d814bc061f4064add5c4e3d397f6cda5b13 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
# Paste-cgi
## Description
This is a dirty pastebin done in CGI. It is completely client-side encrypted and server only stores encrypted paste(Title is not encrypted).
## Images
## Nginx Config
```
server {
server_name paste.example.com;
root /example/root/dir;
# Global basic Auth
auth_basic "Restricted Content";
auth_basic_user_file /etc/nginx/.htpasswd;
# Server static files
location = / {
try_files /index.html =404;
}
location = /get {
try_files /get.html =404;
}
location ~* \.(css|js|svg)$ {
try_files $uri =404;
access_log off;
expires 30d;
}
# Handle cgi routes
location ~ ^/(paste|submit)$ {
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /example/path/to/cgi;
fastcgi_param PATH_INFO $uri;
fastcgi_param QUERY_STRING $args;
fastcgi_param HTTP_HOST $server_name;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param ALLOWED_DIR /example/allowed/dir;
fastcgi_pass unix:/run/fcgiwrap.socket;
}
# Deny everything else
location / {
return 403;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/paste.cirakg.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/paste.cirakg.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = paste.cirakg.xyz) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name paste.cirakg.xyz;
return 404; # managed by Certbot
}
```
|
