diff --git a/conf/Discord.conf b/conf/Discord.conf new file mode 100644 index 0000000..e2d8d0c --- /dev/null +++ b/conf/Discord.conf @@ -0,0 +1,183 @@ +# Discord Start +upstream DiscordApp-com { + server 162.159.129.233:443; + server 162.159.130.233:443; + server 162.159.133.233:443; + server 162.159.134.233:443; + server 162.159.135.233:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name discordapp.com; + server_name url9177.discordapp.com; + server_name canary-api.discordapp.com; + server_name cdn-ptb.discordapp.com; + server_name ptb.discordapp.com; + server_name status.discordapp.com; + server_name cdn-canary.discordapp.com; + server_name cdn.discordapp.com; + server_name streamkit.discordapp.com; + server_name i18n.discordapp.com; + server_name url9624.discordapp.com; + server_name url7195.discordapp.com; + server_name merch.discordapp.com; + server_name printer.discordapp.com; + server_name canary.discordapp.com; + server_name apps.discordapp.com; + server_name pax.discordapp.com; + + ssl_certificate ca/pixiv.net.crt; + ssl_certificate_key ca/pixiv.net.key; + + location / { + proxy_pass https://DiscordApp-com/; + include proxy.params; + } +} + +upstream Discord-com { + server 162.159.135.232:443; + server 162.159.136.232:443; + server 162.159.137.232:443; + server 162.159.138.232:443; + server 162.159.128.233:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name discord.com; + server_name status.discord.com; + server_name streamkit.discord.com; + server_name feedback.discord.com; + server_name click.discord.com; + server_name pax.discord.com; + server_name printer.discord.com; + server_name ptb.discord.com; + server_name canary.discord.com; + server_name bugs.discord.com; + server_name i18n.discord.com; + + ssl_certificate ca/pixiv.net.crt; + ssl_certificate_key ca/pixiv.net.key; + + location / { + proxy_pass https://Discord-com/; + tcp_nodelay on; + #proxy_set_header Upgrade $http_upgrade; + #proxy_set_header Connection "Upgrade"; + proxy_headers_hash_max_size 8192; + proxy_buffer_size 128k; + proxy_buffers 4 256k; + proxy_busy_buffers_size 256k; + proxy_set_header Cookie $http_cookie; + include proxy.params; + } +} + +upstream Discord-gg { + server 162.159.130.234:443; + server 162.159.133.234:443; + server 162.159.134.234:443; + server 162.159.135.234:443; + server 162.159.126.234:443; + keepalive 32; + keepalive_time 1h; + keepalive_timeout 60s; + keepalive_requests 64; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name discord.gg; + server_name gateway.discord.gg; + server_name gateway-us-east1-b.discord.gg; + + ssl_certificate ca/pixiv.net.crt; + ssl_certificate_key ca/pixiv.net.key; + + location / { + proxy_pass https://Discord-gg/; + tcp_nodelay on; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + include proxy.params; + } +} + +upstream support-Discord-com { + server 104.16.51.111:443; + server 104.16.53.111:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name support.discord.com; + server_name safety.discord.com; + server_name support-dev.discord.com; + + ssl_certificate ca/pixiv.net.crt; + ssl_certificate_key ca/pixiv.net.key; + + location / { + proxy_pass https://support-Discord-com/; + include proxy.params; + } +} + +upstream dl-discordapp-net { + server 162.159.129.232:443; + server 162.159.130.232:443; + server 162.159.133.232:443; + server 162.159.134.232:443; + server 162.159.128.233:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name dl.discordapp.net; + + ssl_certificate ca/pixiv.net.crt; + ssl_certificate_key ca/pixiv.net.key; + + location / { + proxy_pass https://dl-discordapp-net/; + include proxy.params; + } +} + +upstream media-discordapp-net { + server 162.159.128.232:443; + server 162.159.129.232:443; + server 162.159.130.232:443; + server 162.159.133.232:443; + server 162.159.134.232:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name media.discordapp.net; + server_name images-ext-2.discordapp.net; + server_name images-ext-1.discordapp.net; + + ssl_certificate ca/pixiv.net.crt; + ssl_certificate_key ca/pixiv.net.key; + + location / { + proxy_pass https://media-discordapp-net/; + proxy_http_version 1.1; + proxy_set_header Host media.discordapp.net; + proxy_set_header User-Agent $http_user_agent; + proxy_set_header Accept-Encoding ''; + proxy_ssl_server_name on; + proxy_buffering off; + } +} + +# Discord End \ No newline at end of file diff --git a/conf/E-hentai.conf b/conf/E-hentai.conf new file mode 100644 index 0000000..b2e74ad --- /dev/null +++ b/conf/E-hentai.conf @@ -0,0 +1,162 @@ +# E-Hentai Start +upstream exhentai-lb { + server 178.175.128.252:443; + server 178.175.128.254:443; + server 178.175.129.252:443; + server 178.175.129.254:443; + server 178.175.132.20:443; + server 178.175.132.22:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name exhentai.org; + server_name *.exhentai.org; + + access_log logs/E-hentai-access.log main buffer=4k; + error_log logs/E-hentai-error.log; + + include cert.conf; + + location / { + proxy_pass https://exhentai-lb/; + proxy_next_upstream_timeout 75; + proxy_connect_timeout 10; + proxy_send_timeout 5; + proxy_read_timeout 5; + include proxy.params; + } +} + +upstream e-hentai-lb { + server 212.7.202.35:443; + server 212.7.202.48:443; + server 212.7.200.92:443; + server 212.7.200.95:443; + keepalive 4; + keepalive_timeout 120s; + keepalive_requests 10000; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name e-hentai.org; + server_name r.e-hentai.org; + server_name g.e-hentai.org; + server_name lofi.e-hentai.org; + + access_log logs/E-hentai-access.log main buffer=4k; + error_log logs/E-hentai-error.log; + + include cert.conf; + + location / { + proxy_pass https://e-hentai-lb/; + proxy_next_upstream_timeout 100; + proxy_connect_timeout 10; + include proxy.params; + } +} + +upstream forums-e-hentai-lb { + server 94.100.18.243:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name forums.e-hentai.org; + + access_log logs/E-hentai-access.log main buffer=4k; + error_log logs/E-hentai-error.log; + + include cert.conf; + + location / { + proxy_pass https://94.100.18.243:443/; + include proxy.params; + } +} + +upstream api-e-hentai-lb { + server 212.7.202.51:443; + server 212.7.200.104:443; + keepalive 2; + keepalive_timeout 120s; + keepalive_requests 10000; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name api.e-hentai.org; + + access_log logs/E-hentai-access.log main buffer=4k; + error_log logs/E-hentai-error.log; + + include cert.conf; + + location / { + proxy_pass https://api-e-hentai-lb/; + proxy_connect_timeout 10; + include proxy.params; + } +} + +upstream upload-e-hentai-lb { + server 94.100.18.247:443; + server 94.100.18.249:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name upld.e-hentai.org; + server_name upload.e-hentai.org; + + access_log logs/E-hentai-access.log main buffer=4k; + error_log logs/E-hentai-error.log; + + include cert.conf; + + location / { + client_max_body_size 400M; + fastcgi_connect_timeout 3000; + fastcgi_send_timeout 3000; + fastcgi_read_timeout 3000; + proxy_pass https://upload-e-hentai-lb/; + include proxy.params; + } +} + +upstream ehgt-org { + server 37.48.89.44:443; + server 81.171.10.48:443; + server 178.162.139.24:443; + server 178.162.140.212:443; + server [2001:1af8:4700:a062:9::47de]:443; + server [2001:1af8:4700:a062:8::47de]:443; + server [2001:1af8:4700:a0c9:4::47de]:443; + server [2001:1af8:4700:a0c9:3::47de]:443; + #server ehgt.c15412.tk:443; +} +server { + listen 443 ssl http2; + listen 127.0.0.2:443 ssl http2; + listen [::]:443 ssl http2; + server_name ehgt.org; + + access_log logs/E-hentai-access.log main buffer=4k; + error_log logs/E-hentai-error.log; + + include cert.conf; + + location / { + proxy_pass https://ehgt-org/; + proxy_connect_timeout 5; + include proxy.params; + } +} +# E-Hentai End \ No newline at end of file diff --git a/conf/GV.conf b/conf/GV.conf new file mode 100644 index 0000000..18d91dd --- /dev/null +++ b/conf/GV.conf @@ -0,0 +1,20 @@ +proxy_max_temp_file_size 0; +keepalive_timeout 120s; +keepalive_requests 30000; +#limit_rate_after 1M; +limit_rate 2M; +resolver 119.29.29.29:53 valid=1h ipv4=off ipv6=on; +if ( $http_host ~ (([\S\s]*).googlevideo.com) ){ + proxy_pass https://$2.${domain_SUFFIX}:443; +#$2是匹配上的变量部分 +} + +proxy_set_header Connection ""; +proxy_connect_timeout 5; +proxy_set_header Range $http_range; +proxy_set_header If-Range $http_if_range; +include proxy.params; + +#access_log logs/GoogleVideo-access.log GoogleVideo buffer=4k gzip=4; +access_log off; +error_log logs/GoogleVideo-error.log warn; \ No newline at end of file diff --git a/conf/GoogleVideo.conf b/conf/GoogleVideo.conf new file mode 100644 index 0000000..c8bae2f --- /dev/null +++ b/conf/GoogleVideo.conf @@ -0,0 +1,159 @@ + +upstream Google-Video { + server 127.0.0.129:65496; + server 127.0.0.129:65497; + server 127.0.0.129:65498; + server 127.0.0.129:65499; + server 127.0.0.129:65500; + server 127.0.0.129:65501; + server 127.0.0.129:65502; + server 127.0.0.129:65503; + server 127.0.0.129:65504; +} + +log_format GoogleVideo '[$time_local]- 请求耗时"$request_time" $http_host 服务器地址:$proxy_host $server_protocol\n 上游状态"$upstream_status" 上游地址:"$upstream_addr"\n $status 总字节数$body_bytes_sent'; + +server { + listen 127.0.0.129:65496 ssl; + server_name *.googlevideo.com; + + include cert.conf; + location / { + set $domain_SUFFIX "offline-maps.gvt1.com"; + include GV.conf; + } +} +server { + listen 127.0.0.129:65497 ssl; + server_name *.googlevideo.com; + + include cert.conf; + location / { + set $domain_SUFFIX "c.2mdn.net"; + include GV.conf; + } +} +server { + listen 127.0.0.129:65498 ssl; + server_name *.googlevideo.com; + + include cert.conf; + location / { + set $domain_SUFFIX "bdn.dev"; + include GV.conf; + } +} +server { + listen 127.0.0.129:65499 ssl; + server_name *.googlevideo.com; + + include cert.conf; + location / { + set $domain_SUFFIX "gvt1.com"; + include GV.conf; + } +} +server { + listen 127.0.0.129:65500 ssl; + server_name *.googlevideo.com; + + include cert.conf; + location / { + set $domain_SUFFIX "xn--ngstr-lra8j.com"; + include GV.conf; + } +} +server { + listen 127.0.0.129:65501 ssl; + server_name *.googlevideo.com; + + include cert.conf; + location / { + set $domain_SUFFIX "snap.gvt1.com"; + include GV.conf; + } +} +server { + listen 127.0.0.129:65502 ssl; + server_name *.googlevideo.com; + + include cert.conf; + location / { + set $domain_SUFFIX "gcpcdn.gvt1.com"; + include GV.conf; + } +} +server { + listen 127.0.0.129:65503 ssl; + server_name *.googlevideo.com; + + include cert.conf; + location / { + set $domain_SUFFIX "c.bigcache.googleapis.com"; + include GV.conf; + } +} +server { + listen 127.0.0.129:65504 ssl; + server_name *.googlevideo.com; + + include cert.conf; + location / { + set $domain_SUFFIX "c.googlesyndication.com"; + include GV.conf; + } +} + + +#  GoogleVideo.com +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + access_log logs/GoogleVideo-access.gzip main gzip=4 buffer=4k; + error_log logs/GoogleVideo-error.log; + + server_name *.googlevideo.com; + + include cert.conf; + location / { + proxy_max_temp_file_size 0; + keepalive_timeout 120s; + #resolver [::1]:53 valid=180s ipv4=off ipv6=on; + proxy_pass https://Google-Video; + proxy_next_upstream_timeout 60; + proxy_set_header X-Host $host; + proxy_set_header Range $http_range; + proxy_set_header If-Range $http_if_range; + include proxy.params; + proxy_ssl_name $host; + } +} +# GoogleVideo End + + +#  ggpht.com +upstream ggpht-com { + server [2607:f8b0:4002:c10::84]:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + access_log off; + error_log logs/GoogleVideo-error.log; + + server_name *.ggpht.com; + + include cert.conf; + location / { + proxy_max_temp_file_size 0; + keepalive_timeout 120s; + #resolver [::1]:53 valid=180s ipv4=off ipv6=on; + proxy_pass https://ggpht-com; + proxy_next_upstream_timeout 30; + include proxy.params; + proxy_set_header Range $http_range; + proxy_set_header If-Range $http_if_range; + } +} \ No newline at end of file diff --git a/conf/PayPal.conf b/conf/PayPal.conf new file mode 100644 index 0000000..aedb12a --- /dev/null +++ b/conf/PayPal.conf @@ -0,0 +1,32 @@ + +# PayPal Start +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name checkout.paypal.com; + + include cert.conf; + + location / { + resolver 223.5.5.5 valid=300s; + set $checkout_paypal d37t8d3i48djc7.cloudfront.net; + proxy_pass https://$checkout_paypal:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name c.paypal.com; + + include cert.conf; + + location / { + resolver 223.5.5.5 valid=300s; + set $c_paypal c-fastly.glb.paypal.com; + proxy_pass https://$c_paypal:443/; + include proxy.params; + } +} +# PayPal End \ No newline at end of file diff --git a/conf/Pixiv.conf b/conf/Pixiv.conf new file mode 100644 index 0000000..5fb88e3 --- /dev/null +++ b/conf/Pixiv.conf @@ -0,0 +1,649 @@ +upstream www-pixiv-net { + server 210.140.131.181:443; + server 210.140.131.183:443; + server 210.140.131.185:443; + server 210.140.131.119:443; + server 210.140.131.220:443; + server 210.140.131.222:443; + server 210.140.131.223:443; + server 210.140.131.224:443; + server 210.140.131.225:443; + server 210.140.131.226:443; + keepalive 16; + keepalive_timeout 120s; + keepalive_requests 10000; +} + +upstream account-pixiv-net { + server 210.140.131.219:443; + server 210.140.131.223:443; + server 210.140.131.226:443; + keepalive 4; + keepalive_timeout 120s; + keepalive_requests 10000; +} + +upstream ssl-pixiv-net { + server 210.140.92.192:443; + server 210.140.92.193:443; + server 210.140.92.183:443; +} + +upstream sketch-pixiv-net { + server 210.140.174.37:443; + server 210.140.170.179:443; + server 210.140.175.130:443; + keepalive 3; + keepalive_timeout 120s; + keepalive_requests 10000; +} + +upstream sketch-hls-server { + server 210.140.214.211:443; + server 210.140.214.212:443; + server 210.140.214.213:443; + keepalive 3; + keepalive_timeout 120s; + keepalive_requests 10000; +} + +upstream imgaz-pixiv-net { + server 210.140.131.145:443; + server 210.140.131.144:443; + server 210.140.131.147:443; + server 210.140.131.153:443; + keepalive 4; + keepalive_timeout 120s; + keepalive_requests 10000; +} + +upstream i-pximg-net { + #server s.pximg.net:443; + #server 210.140.92.134:443; + #server 210.140.92.135:443; + #server 210.140.92.136:443; + #server 210.140.92.137:443; + #server 210.140.92.138:443; + #server 210.140.92.139:443; + #server 210.140.92.140:443; + server 210.140.92.141:443; + server 210.140.92.142:443; + server 210.140.92.143:443; + server 210.140.92.144:443; + server 210.140.92.145:443; + server 210.140.92.146:443; + server 210.140.92.148:443; + server 210.140.92.149:443; + server 210.140.139.131:443; + server 210.140.139.132:443; + server 210.140.139.133:443; + server 210.140.139.134:443; + server 210.140.139.135:443; + server 210.140.139.136:443; + + keepalive 16; + keepalive_timeout 120s; + keepalive_requests 10000; +} + +upstream fanbox-cc { + server 210.140.92.179:443; + server 210.140.92.180:443; + server 210.140.92.181:443; + server 210.140.92.182:443; + server 210.140.92.183:443; + server 210.140.92.184:443; + server 210.140.92.185:443; + server 210.140.92.186:443; + server 210.140.92.187:443; + + keepalive 16; + keepalive_timeout 120s; + keepalive_requests 10000; +} + +upstream app-api-pixiv-net { + server 210.140.131.218:443; + server 210.140.131.223:443; + server 210.140.131.226:443; +} + +# default_server Start +upstream rpc-hh { + server 94.100.24.67:80; + server 94.100.24.68:80; + server 94.100.24.69:80; +} +server { + listen 80 default_server; + listen [::]:80 default_server; + #if ($http_host != "rpc.hentaiathome.net") { + # + access_log off; + rewrite ^(.*) https://$host$1 permanent; + #} + #location / { + # proxy_pass http://rpc-hh/; + # proxy_http_version 1.1; + # proxy_next_upstream_timeout 10; + # proxy_connect_timeout 2; + # proxy_send_timeout 2; + # proxy_read_timeout 2; + # proxy_set_header Host $http_host; + # proxy_set_header User-Agent $http_user_agent; + # proxy_set_header Accept-Encoding ''; + # proxy_buffering off; + #} +} +# default_server End + +# Pixiv Start +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name www.pixiv.net; + + include cert.conf; + + client_max_body_size 50M; + + location / { + proxy_pass https://www-pixiv-net; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name accounts.pixiv.net; + server_name oauth.secure.pixiv.net; + server_name source.pixiv.net; + server_name app-api.pixiv.net; + server_name payment.pixiv.net; + server_name sensei.pixiv.net; + server_name dic.pixiv.net; + server_name en-dic.pixiv.net; + + include cert.conf; + + client_max_body_size 50M; + + location / { + proxy_pass https://account-pixiv-net/; + include proxy.params; + } +} + + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name pixiv.net; + server_name ssl.pixiv.net; + server_name touch.pixiv.net; + server_name factory.pixiv.net; + server_name fanbox.pixiv.net; + + include cert.conf; + + client_max_body_size 50M; + + location / { + proxy_pass https://ssl-pixiv-net; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name *.pximg.net; + + include cert.conf; + + location / { + proxy_pass https://i-pximg-net; + proxy_next_upstream_timeout 30; + proxy_connect_timeout 4; + proxy_set_header Referer "https://www.pixiv.net/"; + proxy_set_header Sec-Fetch-Site "cross-site"; + keepalive_timeout 120; + + include proxy.params; + allow all; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name downloads.fanbox.cc; + server_name *.fanbox.cc; + + include cert.conf; + + location / { + proxy_pass https://fanbox-cc/; + include proxy.params; + allow all; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name sketch.pixiv.net; + + include cert.conf; + + location / { + proxy_pass https://sketch-pixiv-net; + include proxy.params; + } + + # Proxying WebSockets + location /ws/ { + proxy_pass https://sketch-pixiv-net; + include proxy.params; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + #proxy_set_header Host $host; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name *.pixivsketch.net; + + include cert.conf; + + location / { + proxy_pass https://sketch-hls-server; + include proxy.params; + } +} + +#server { +# listen 443 ssl http2; +# listen [::]:443 ssl http2; +# server_name factory.pixiv.net; +# +# include cert.conf; +# +# location / { +# proxy_pass https://210.140.131.180:443/; +# proxy_http_version 1.1; +# include proxy.params; +# } +#} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name imgaz.pixiv.net; + server_name comic.pixiv.net; + server_name novel.pixiv.net; + server_name i1.pixiv.net; + server_name i2.pixiv.net; + server_name i3.pixiv.net; + server_name i4.pixiv.net; + + + include cert.conf; + + location / { + proxy_pass https://imgaz-pixiv-net; + include proxy.params; + } +} +# +#server { +# listen 443 ssl http2; +# listen [::]:443 ssl http2; +# +# include cert.conf; +# server_name app-api.pixiv.net; +# location / { +# proxy_pass https://app-api-pixiv-net; +# proxy_http_version 1.1; +# include proxy.params; +# } +#} +# Pixiv End + +# Wiki Start +upstream wikipedia-text-lb { + server 208.80.153.224:443; + #server 208.80.154.224:443; + server 91.198.174.192:443; + #server 103.102.166.224:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name *.wikipedia.org; + server_name *.m.wikipedia.org; + + include cert.conf; + + location / { + proxy_pass https://wikipedia-text-lb/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name wikimedia.org; + + include cert.conf; + + location / { + proxy_pass https://wikipedia-text-lb/; + include proxy.params; + } +} + +upstream wikipedia-upload-lb { + server 208.80.153.240:443; + server 208.80.154.240:443; + server 91.198.174.208:443; + server 103.102.166.240:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name upload.wikimedia.org; + + include cert.conf; + + location / { + proxy_pass https://wikipedia-upload-lb/; + include proxy.params; + } +} +# Wiki End + +# archiveofourown Start +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name *.archiveofourown.org; + server_name archiveofourown.org; + + include cert.conf; + + location / { + proxy_pass https://104.153.64.122:443/; + include proxy.params; + } +} +# archiveofourown End + +# Nyaa Start +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name sukebei.nyaa.si; + + include cert.conf; + + location / { + proxy_pass https://198.251.89.38:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name nyaa.si; + server_name www.nyaa.si; + + include cert.conf; + + location / { + proxy_pass https://185.178.208.182:443/; + include proxy.params; + } +} +# Nyaa End + +# github Start +upstream Github-com { + #server 140.82.112.3:443; + #server 140.82.112.4:443; + #server 140.82.113.3:443; + #server 140.82.113.4:443; + #server 140.82.114.3:443; + #server 140.82.114.4:443; + #server 140.82.116.3:443; + #server 140.82.116.4:443; + #server 140.82.121.3:443; + #server 140.82.121.4:443; + #server 52.69.186.44:443;# + #server 52.192.72.89:443;# + #server 52.78.231.108:443;#52.192.72.89 + #server 52.69.186.44:443; + server 20.205.243.166:443; + server 20.27.177.113:443; + server 20.200.245.247:443; +} + +upstream githubusercontent-com { + server 185.199.109.133:443; + server 185.199.108.133:443; + server 185.199.110.133:443; + server 185.199.111.133:443; + server 146.75.112.113:443; + server 146.75.20.133:443; + server 151.101.64.133:443; + server 151.101.76.133:443; + server 151.101.108.133:443; + server 151.101.128.133:443; + server 151.101.192.133:443; + server 151.101.228.133:443; + server 199.232.208.133:443; + server 199.232.212.133:443; + server 199.232.232.133:443; + server [2a04:4e42:12::133]:443; + server [2a04:4e42:15::133]:443; + server [2a04:4e42:1a::133]:443; + server [2a04:4e42:36::133]:443; + server [2a04:4e42:48::133]:443; + server [2a04:4e42:75::133]:443; + server [2a04:4e42:76::133]:443; + server [2a04:4e42:8c::133]:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name github.com; + server_name *.github.com; + + include cert.conf; + + location / { + proxy_pass https://Github-com/; + proxy_headers_hash_max_size 8192; + proxy_buffer_size 128k; + proxy_buffers 4 256k; + proxy_busy_buffers_size 256k; + include proxy.params; + } +} + +server { + listen 80; + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name githubusercontent.com; + server_name *.githubusercontent.com; + server_name githubassets.com; + server_name *.githubassets.com; + + include cert.conf; + + location / { + proxy_pass https://githubusercontent-com/; + proxy_connect_timeout 4; + proxy_read_timeout 1; + proxy_send_timeout 1; + proxy_next_upstream_timeout 32; + proxy_set_header Range $http_range; + proxy_set_header If-Range $http_if_range; + include proxy.params; + } +} +# github End + +# EA Start +upstream Origin-CDN { + server cctv4-lh.akamaihd.net:443; + server moviesok-i.akamaihd.net:443; + server vluki-a.akamaihd.net:443; + server hgtv-i.akamaihd.net:443; + server toots-a.akamaihd.net:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name origin-a.akamaihd.net; + + include cert.conf; + + location / { + proxy_pass https://Origin-CDN/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name api1.origin.com; + + include cert.conf; + + location / { + proxy_pass https://api2.origin.com:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name pc.ea.com; + + include cert.conf; + + location / { + proxy_pass https://e8688.e12.akamaiedge.net:443/; + include proxy.params; + } +} +# EA End + +# my-freenom-com Start +server { + listen 443 ssl so_keepalive=on; + listen [::]:443 ssl so_keepalive=on; + server_name my.freenom.com; + + include cert.conf; + + location / { + #resolver 223.5.5.5 valid=600; + set $my_freenom_com lb-my-freenom-com-vpc-2022-1373795610.eu-west-1.elb.amazonaws.com; + proxy_pass https://$my_freenom_com/; + include proxy.params; + #proxy_ssl_name $my_freenom_com; + + #proxy_set_header Cookie $http_cookie; + proxy_connect_timeout 10; + proxy_send_timeout 120; + proxy_read_timeout 120; + } +} +# my-freenom-com End + + +# wix Start +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com; + server_name images-wixmp-530a50041672c69d335ba4cf.wixmp.com; + + include cert.conf; + + location / { + proxy_pass https://34.96.91.138:443/; + + include proxy.params; + + proxy_set_header Cookie $http_cookie; + proxy_connect_timeout 4; + proxy_send_timeout 4; + proxy_read_timeout 4; + } +} +# wix End + +# pixeldrain Start +upstream pixeldrain-com { + server 50.7.24.66:443; + server [2001:49f0:d0f6:8::2]:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name pixeldrain.com; + + include cert.conf; + + location / { + proxy_pass https://pixeldrain-com/; + include proxy.params; + + proxy_set_header Cookie $http_cookie; + proxy_connect_timeout 4; + proxy_send_timeout 4; + proxy_read_timeout 4; + } +} +# pixeldrain End +# pixeldrain Start +upstream apkpure-com { + server [2606:4700:10::ac43:87f]:443; + server [2606:4700:10::6816:577]:443; + server [2606:4700:10::6816:477]:443; + server 104.22.4.119:443; + server 172.67.8.127:443; + server 104.22.5.119:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name apkpure.com *.apkpure.com; + include cert.conf; + + location / { + proxy_pass https://apkpure-com/; + include proxy.params; + proxy_set_header Cookie $http_cookie; + proxy_ssl_name "${http_host}"; + proxy_connect_timeout 4; + proxy_send_timeout 4; + proxy_read_timeout 4; + } +} +# pixeldrain End diff --git a/conf/Reddit.conf b/conf/Reddit.conf new file mode 100644 index 0000000..a38365f --- /dev/null +++ b/conf/Reddit.conf @@ -0,0 +1,52 @@ +# Reddit Start + +upstream Reddit { + server 146.75.21.140:443; + server 151.101.77.140:443; + server 151.101.89.140:443; + server 151.101.109.140:443; + #server 151.101.133.140:443; + ##级差为4个/24段,即为/22 + + keepalive 16; + keepalive_time 1h; + keepalive_timeout 300s; + keepalive_requests 4000; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name reddit.com; + server_name *.reddit.com; + server_name redd.it; + server_name *.redd.it; + server_name redditstatic.com; + server_name *.redditstatic.com; + server_name redditmedia.com; + server_name *.redditmedia.com; + + include cert.conf; + access_log logs/Reddit-access.log main buffer=4k; + error_log nul; + + location / { + proxy_max_temp_file_size 0; + proxy_buffer_size 64k; + proxy_buffers 32 64k; + proxy_busy_buffers_size 128k; + keepalive_timeout 120; + keepalive_requests 4000; + + proxy_pass https://Reddit/; + proxy_set_header Connection ""; + + proxy_set_header Range $http_range; + proxy_set_header If-Range $http_if_range; + proxy_next_upstream error timeout http_429 http_500 http_502 http_503 http_504 non_idempotent; + proxy_connect_timeout 3; + + include proxy.params; + } +} +# Reddit End \ No newline at end of file diff --git a/conf/Steam.conf b/conf/Steam.conf new file mode 100644 index 0000000..0cb44e6 --- /dev/null +++ b/conf/Steam.conf @@ -0,0 +1,317 @@ +upstream steam-store { + server 104.71.48.121:443 max_fails=2 fail_timeout=60s; + #server 23.1.179.144:443 max_fails=2 fail_timeout=60s;#HighPing + #server 23.45.56.78:443 max_fails=2 fail_timeout=60s;#HighPing + server 184.24.82.108:443 max_fails=2 fail_timeout=60s; + server 184.85.112.102:443 max_fails=2 fail_timeout=60s; + server 184.87.103.42:443 max_fails=2 fail_timeout=60s; + server 23.77.215.46:443 max_fails=2 fail_timeout=60s;# + server 23.51.142.168:443 max_fails=2 fail_timeout=60s;# + server 23.41.77.6:443 max_fails=2 fail_timeout=60s;# + #server 23.36.106.129:443 max_fails=2 fail_timeout=60s;#HighPing + #server 23.36.252.78:443 max_fails=2 fail_timeout=60s;#HighPing + server 23.208.81.63:443 max_fails=2 fail_timeout=60s;# + server 23.200.148.81:443 max_fails=2 fail_timeout=60s;# + server 23.200.152.81:443 max_fails=2 fail_timeout=60s;# + server 23.219.73.99:443 max_fails=2 fail_timeout=60s;# + server 23.211.57.127:443 max_fails=2 fail_timeout=60s;# + server 23.219.69.47:443 max_fails=2 fail_timeout=60s;# + #server 23.195.152.91:443 max_fails=2 fail_timeout=60s;#HighPing + server 23.198.37.119:443 max_fails=2 fail_timeout=60s;# + server 23.48.229.101:443 max_fails=2 fail_timeout=60s;# + keepalive 16; + keepalive_time 1h; + keepalive_timeout 300s; + keepalive_requests 10000; + + #server steampowered.com:443; + #server www.steampowered.com:443; + #server store.steampowered.com:443; +} +upstream steam-community { + server 23.1.179.144:443; + server 104.103.145.69:443; + server 104.91.87.202:443; + #server 104.78.121.166:443; + #server 104.85.204.121:443; + #server 104.103.245.88:443; + #server 104.124.156.199:443; + #server 104.127.87.210:443; + #server 184.26.129.66:443; + #server 23.45.56.78:443; + #server 23.53.54.51:443; + #server 23.58.33.236:443; + #server 23.212.216.106:443; +} + +upstream steam-chat { + #server humblebundle-a.akamaihd.net:443; + #server eaassets-a.akamaihd.net:443; + server 184.26.252.135:443; + #keepalive 8; + #keepalive_requests 10000; +} + +#upstream steam-cdn { +# server eaassets-a.akamaihd.net:443; +# server steamuserimages-a.akamaihd.net:443; +# server steamuserimages-a.akamaihd.net.edgesuite.net:443; +# #server steamstore-a.akamaihd.net:443; +# #server steamcommunity-a.akamaihd.net:443; +# server a1737.b.akamai.net:443; +# server a1843.g1.akamai.net:443; +# server a1507.dscw27.akamai.net:443; +# server a1639.dscb.akamai.net:443; +#} + +upstream steam-community302 { + server str001.steam302.xyz:443; + server str002.steam302.xyz:443; + server str003.steam302.xyz:443; +} + +# Steam Start +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name *.steamcommunity.com; + server_name steamcommunity.com; + + include cert.conf; + + location ^.*(discussions|comment|forum).*$ { + proxy_pass https://steam-community302/; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Real_IP $remote_addr; + include proxy.params; + } + + location / { + proxy_pass https://steam-community/; + + proxy_next_upstream_timeout 60; + proxy_connect_timeout 6; + proxy_send_timeout 6; + proxy_read_timeout 6; + include proxy.params; + #proxy_ssl_name $http_host; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + #resolver public1.alidns.com valid=300; + server_name store.steampowered.com; + server_name api.steampowered.com; + server_name checkout.steampowered.com; + server_name help.steampowered.com; + server_name login.steampowered.com; + server_name steampowered.com; + + include cert.conf; + #access_log logs/SteamCDN-access.log main; + access_log off; + error_log logs/SteamCDN-error.log; + + location / { + proxy_next_upstream_timeout 90; + proxy_connect_timeout 2; + proxy_pass https://steam-store/; + proxy_next_upstream error timeout http_403 http_429 http_500 http_502 http_503 http_504 non_idempotent; + include proxy.params; + #proxy_ssl_name $http_host; + } +} + +upstream steamstatic-akamai { + server 184.27.185.73:443; + server 184.27.185.76:443; + server 184.26.43.79:443; + server 184.26.43.80:443; + server 184.26.91.162:443; + server 184.26.91.47:443; + server 23.48.201.10:443; + server 23.48.201.16:443; + server 23.48.201.33:443; + server 23.48.201.34:443; + server 23.49.104.197:443; + server 23.49.104.200:443; + server 23.49.104.201:443; + server 23.49.104.202:443; + server 23.202.34.90:443; + server 23.202.34.91:443; + server 23.202.34.120:443; + server 23.202.34.250:443; + server 23.202.35.57:443; + server 23.202.35.90:443; + server 23.202.35.120:443; + server 23.202.35.250:443; + keepalive 32; + keepalive_time 1h; + keepalive_timeout 300s; + keepalive_requests 10000; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name community.akamai.steamstatic.com; + server_name community.cloudflare.steamstatic.com; + server_name community.steamstatic.com; + + include cert.conf; + + location / { + proxy_pass https://steamstatic-akamai; + proxy_http_version 1.1; + proxy_next_upstream_timeout 60; + proxy_connect_timeout 3; + proxy_next_upstream error timeout http_403 http_429 http_500 http_502 http_503 http_504 non_idempotent; + proxy_set_header Host "community.steamstatic.com"; + proxy_set_header User-Agent $http_user_agent; + proxy_set_header Accept-Encoding ''; + proxy_ssl_server_name off; + proxy_ssl_name "community.steamstatic.com"; + proxy_buffering off; + access_log off; + error_log logs/SteamCDN-error.log; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name steamuserimages-a.akamaihd.net; + server_name steamcdn-a.akamaihd.net; + server_name steamcommunity-a.akamaihd.net; + + include cert.conf; + + location / { + #set $rewrite_host "${http_host}.edgesuite.net"; + resolver public1.alidns.com valid=300 ipv4=on ipv6=off; + #proxy_pass https://$rewrite_host; + proxy_pass https://steamstatic-akamai; + proxy_connect_timeout 3s; + include proxy.params; + proxy_ssl_name $http_host; + access_log off; + error_log logs/SteamCDN-error.log; + } +} + +#SteamStatic 国内cdn:白山云eccdnx:st.dl.eccdnx.com +#阿里昆仑雀牛云cdn.queniuqe.com +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name cdn.cloudflare.steamstatic.com cdn.akamai.steamstatic.com cdn.steamstatic.com; + + include cert.conf; + + location / { + set $rewrite_host "media.st.dl.eccdnx.com"; + include SteamCDN..conf; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name clan.steamstatic.com clan.akamai.steamstatic.com clan.cloudflare.steamstatic.com; + + include cert.conf; + + location / { + set $rewrite_host "clan.st.dl.eccdnx.com"; + include SteamCDN..conf; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name avatars.steamstatic.com avatars.akamai.steamstatic.com avatars.cloudflare.steamstatic.com; + + include cert.conf; + + location / { + set $rewrite_host "avatars.st.dl.eccdnx.com"; + include SteamCDN..conf; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name store.steamstatic.com store.akamai.steamstatic.com store.cloudflare.steamstatic.com; + + include cert.conf; + + location / { + set $rewrite_host "store.st.dl.eccdnx.com"; + include SteamCDN..conf; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name shared.steamstatic.com shared.akamai.steamstatic.com shared.cloudflare.steamstatic.com; + + include cert.conf; + + location / { + set $rewrite_host "shared.st.dl.eccdnx.com"; + include SteamCDN..conf; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name video.steamstatic.com video.akamai.steamstatic.com video.cloudflare.steamstatic.com; + + include cert.conf; + + location / { + set $rewrite_host "video.steamstatic.com.edgesuite.net"; + resolver public1.alidns.com valid=300 ipv4=on ipv6=off; + proxy_pass https://$rewrite_host; + #proxy_pass https://steamstatic-akamai; + proxy_http_version 1.1; + proxy_connect_timeout 3s; + proxy_set_header Host "video.steamstatic.com"; + proxy_set_header User-Agent $http_user_agent; + proxy_set_header Accept-Encoding ''; + proxy_buffering off; + proxy_ssl_server_name off; + proxy_ssl_name "video.steamstatic.com"; + access_log off; + error_log logs/SteamCDN-error.log; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name steambroadcast.akamaized.net broadcast.akamai.steamstatic.com broadcast.cloudflare.steamstatic.com; + + include cert.conf; + + location / { + #set $source_host "broadcast.akamai.steamstatic.com"; + set $rewrite_host "${http_host}.edgesuite.net"; + resolver public1.alidns.com valid=300 ipv4=on ipv6=off; + #proxy_pass https://$rewrite_host; + proxy_pass https://steamstatic-akamai; + proxy_connect_timeout 3s; + + include proxy.params; + #proxy_ssl_name $source_host; + access_log off; + error_log logs/SteamCDN-error.log; + } +} + +# Steam End diff --git a/conf/SteamCDN..conf b/conf/SteamCDN..conf new file mode 100644 index 0000000..4053d93 --- /dev/null +++ b/conf/SteamCDN..conf @@ -0,0 +1,12 @@ +resolver 119.29.29.29 valid=300 ipv4=on ipv6=on;# ipv4=on ipv6=off +proxy_pass https://$rewrite_host; +proxy_http_version 1.1; +proxy_connect_timeout 4s; +proxy_set_header Host $rewrite_host; +proxy_set_header User-Agent $http_user_agent; +proxy_set_header Accept-Encoding ''; +proxy_buffering off; +proxy_ssl_server_name off; + +access_log off; +error_log logs/SteamCDN-error.log; \ No newline at end of file diff --git a/conf/Twitch.conf b/conf/Twitch.conf new file mode 100644 index 0000000..9c96306 --- /dev/null +++ b/conf/Twitch.conf @@ -0,0 +1,510 @@ +# Twitch Start +upstream twitch-tv { + server 151.101.2.167:443; + server 151.101.66.167:443; + server 151.101.130.167:443; + server 151.101.194.167:443; + server 151.101.230.167:443; + server twitch.map.fastly.net:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name twitch.tv; + server_name www.twitch.tv; + server_name m.twitch.tv; + server_name app.twitch.tv; + server_name clips.twitch.tv; + server_name gql.twitch.tv; + server_name dashboard.twitch.tv; + server_name player.twitch.tv; + server_name api.twitch.tv; + + include cert.conf; + + location / { + resolver public1.alidns.com valid=300; + set $twitch_tv twitch.map.fastly.net; + proxy_pass https://$twitch_tv:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name irc-ws.chat.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://5a895ed07aed1b254ee21cd78958ae0b.steam302.xyz:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name irc-ws-r.chat.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://065f67277ae87878fffaa60519b3ee5c.steam302.xyz:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name vod-storyboards.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=120; + set $vod_storyboards dlifex0fg7ru9.cloudfront.net; + proxy_pass https://$vod_storyboards:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name vod-metro.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=60; + set $vod_metro d8t045al7vai0.cloudfront.net; + proxy_pass https://$vod_metro:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name music.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=60; + set $music_twitch_tv d12b3e89c9703p.cloudfront.net; + proxy_pass https://$music_twitch_tv:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name player.m7g.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=60; + set $player_m7g_twitch dnjmu7cm5xw9w.cloudfront.net; + proxy_pass https://$player_m7g_twitch:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name badges.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://dbc180c27b3635f9e5b006f3a037b87e.steam302.xyz:443/; + include proxy.params; + } +} + +upstream d1x43om3304ey9-cloudfront-net { + server 13.225.103.12:443; + server 13.225.103.89:443; + server 13.225.103.105:443; + server 13.225.103.124:443; + server [2600:9000:2200:8a00:2:b70:2c40:93a1]:443; + server [2600:9000:2200:5000:2:b70:2c40:93a1]:443; + server [2600:9000:2200:b400:2:b70:2c40:93a1]:443; + server [2600:9000:2200:7600:2:b70:2c40:93a1]:443; + server [2600:9000:2200:2800:2:b70:2c40:93a1]:443; + server [2600:9000:2200:2400:2:b70:2c40:93a1]:443; + server [2600:9000:2200:2200:2:b70:2c40:93a1]:443; + server [2600:9000:2200:e600:2:b70:2c40:93a1]:443; + server d1x43om3304ey9.cloudfront.net:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name blog.twitch.tv; + + include cert.conf; + + location / { + resolver public1.alidns.com valid=300; + set $blog_twitch d1x43om3304ey9-cloudfront-net; + proxy_pass https://$blog_twitch:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name panels.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=60; + set $panels_twitch_tv d1ut6fykkt3imt.cloudfront.net; + proxy_pass https://$panels_twitch_tv:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name dev.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=60; + set $dev_twitch_tv d205b01qzi0xib.cloudfront.net; + proxy_pass https://$dev_twitch_tv:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name spade.twitch.tv; + + include cert.conf; + + location / { + resolver 223.5.5.5 valid=60; + set $spade_twitch_tv science-edge-external-prod-73889260.us-west-2.elb.amazonaws.com; + proxy_pass https://$spade_twitch_tv/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name vod-secure.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=60; + set $vod_secure_twitch_tv ds0h3roq6wcgc.cloudfront.net; + proxy_pass https://$vod_secure_twitch_tv/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name trowel.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=60; + set $trowel_twitch_tv science-edge-external-prod-73889260.us-west-2.elb.amazonaws.com; + proxy_pass https://$trowel_twitch_tv/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name extension-files.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=60; + set $extension_files_twitch d36mepituis1gg.cloudfront.net; + proxy_pass https://$extension_files_twitch:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name help.twitch.tv; + + include cert.conf; + + location / { + resolver 223.5.5.5 valid=60; + set $help_twitch_tv e26428.dscx.akamaiedge.net; + proxy_pass https://$help_twitch_tv:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name brand.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=60; + set $brand_twitch d2g064yykcu7rs.cloudfront.net; + proxy_pass https://$brand_twitch:443/; + include proxy.params; + } +} + +upstream passport-twitch-tv { + server 52.38.185.174:443; + server 34.208.37.185:443; + server 52.36.215.144:443; + server c3ad68a16f66bff24e2d82595bd240a1.steam302.xyz:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name passport.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://passport-twitch-tv/; + include proxy.params; + } +} + +upstream id-twitch-tv { + server 52.27.34.51:443; + server 52.27.193.97:443; + server 35.164.201.113:443; + server 35.82.117.112:443; + server 35.164.166.201:443; + server 52.32.64.194:443; + server 2973c6ca0e111662ed293b57dbae9fbf.steam302.xyz:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name id.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://id-twitch-tv/; + include proxy.params; + } +} + +upstream link-twitch-tv { + server 67.199.248.12:443; + server 67.199.248.13:443; + server 985a89155dd090eacda1b82388e334ed.steam302.xyz:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name link.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://link-twitch-tv/; + include proxy.params; + } +} + +upstream id--cdn-twitch-tv { + server 13.224.167.13:443; + server 13.224.167.21:443; + server 13.224.167.82:443; + server 13.224.167.126:443; + server 108.138.246.32:443; + server 108.138.246.23:443; + server 108.138.246.47:443; + server 108.138.246.101:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name id-cdn.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://id--cdn-twitch-tv/; + include proxy.params; + } +} + +upstream pubsub--edge-twitch-tv { + server 54.186.8.237:443; + server 100.20.215.79:443; + server 35.82.206.220:443; + server 54.69.59.28:443; + server 54.188.166.247:443; + server 34.213.206.213:443; + server 54.184.104.163:443; + server 34.213.26.113:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name pubsub-edge.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://pubsub--edge-twitch-tv/; + include proxy.params; + } +} + +upstream assets-help-twitch-tv { + server 13.225.103.75:443; + server 13.225.103.43:443; + server 13.225.103.12:443; + server 13.225.103.14:443; + server 54.192.18.40:443; + server 54.192.18.82:443; + server 54.192.18.83:443; + server 54.192.18.93:443; + server 6d859be7aa0440f65c8a940ef5218337.steam302.xyz:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name assets.help.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://assets-help-twitch-tv/; + include proxy.params; + } +} + +upstream discuss-dev-twitch-tv { + server 54.69.226.84:443; + server 522c432cc10e237a02fa1d6481d7d247.steam302.xyz:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name discuss.dev.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://discuss-dev-twitch-tv/; + include proxy.params; + } +} + +upstream ingest-twitch-tv { + server 192.108.239.253:443; + server 23.160.0.253:443; + server b3d696173d52b66e1caab6145cb5058b.steam302.xyz:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name ingest.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://ingest-twitch-tv/; + include proxy.params; + } +} + +upstream usher-ttvnw-net { + server 124.108.22.138:443; + server usher.steam302.xyz:443; + #server 192.108.239.254:443; + #server 23.160.0.254:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name usher.ttvnw.net; + + include cert.conf; + + location / { + proxy_pass https://usher-ttvnw-net/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name cvp.twitch.tv; + + include cert.conf; + + location / { + resolver 223.5.5.5 valid=60; + set $cvp_twitch e9221.i.akamaiedge.net; + proxy_pass https://$cvp_twitch:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name clips-media-assets2.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=60; + set $clips_media_twitch d2xmjdvx03ij56.cloudfront.net; + proxy_pass https://$clips_media_twitch:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name safety.twitch.tv; + + include cert.conf; + + location / { + resolver 223.5.5.5 valid=60; + set $safety_twitch e28790.dsca.akamaiedge.net; + proxy_pass https://$safety_twitch:443/; + include proxy.params; + } +} +# Twitch End \ No newline at end of file diff --git a/conf/Twitch.params b/conf/Twitch.params new file mode 100644 index 0000000..6d486df --- /dev/null +++ b/conf/Twitch.params @@ -0,0 +1,2 @@ +proxy_http_version 1.1; +include proxy.params; \ No newline at end of file diff --git a/conf/Twitter.conf b/conf/Twitter.conf new file mode 100644 index 0000000..9adf7fa --- /dev/null +++ b/conf/Twitter.conf @@ -0,0 +1,288 @@ +# twitter Start +upstream twitter-com { + #server 104.244.42.1:443; + #server 104.244.42.13:443; + #server 104.244.42.14:443; + #server 104.244.42.78:443; + #server 104.244.42.141:443; + #server 104.244.42.142:443; + #server 104.244.42.206:443; + #server 104.244.42.1:443; + #server 104.244.42.65:443; + #server 104.244.42.129:443; + #server 104.244.42.193:443; + server 104.244.45.65:443; + ##server 104.244.45.129:443; + server 104.244.45.193:443; + server 69.195.169.139:443; + server 69.195.170.139:443; + server 69.195.183.139:443; + server 69.195.171.251:443; + server 69.195.171.252:443; + keepalive 16; + keepalive_time 1h; + keepalive_timeout 300s; + keepalive_requests 10000; +} + +upstream mobile-twitter-com { + #server 104.244.42.6:443; + #server 104.244.42.70:443; + #server 104.244.42.134:443; + #server 104.244.42.198:443; + server 104.244.45.6:443; +} + +upstream support-twitter-com { + #server 104.244.42.3:443; + #server 104.244.42.67:443; + #server 104.244.42.131:443; + #server 104.244.42.195:443; + server 104.244.45.3:443; +} +upstream syndication-twitter-com { + server 104.244.45.8:443; +} + +upstream upload-twitter-com { + server 69.195.171.253:443; + server 104.244.45.11:443; +} + +upstream api-twitter-com { + #server 104.244.41.1:443; + #server 104.244.41.2:443; + #server 104.244.41.3:443; + #server 104.244.41.67:443; + #server 104.244.41.66:443; + #server 104.244.41.65:443; + #server 104.244.41.131:443; + #server 104.244.41.130:443; + #server 104.244.41.129:443; + #server 104.244.41.193:443; + #server 104.244.41.194:443; + #server 104.244.41.195:443; + #server 104.244.42.2:443; + #server 104.244.42.66:443; + #server 104.244.42.130:443; + #server 104.244.42.194:443; + server 104.244.45.2:443; + ##server 104.244.45.66:443; + ##server 104.244.45.130:443; + server 104.244.45.194:443; + keepalive 8; + keepalive_time 1h; + keepalive_timeout 600s; + keepalive_requests 10000; +} + +upstream ton-twitter-com { + server 104.244.42.20:443; + server 104.244.42.84:443; + server 104.244.42.148:443; + server 104.244.42.212:443; + server 104.244.45.8:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name twitter.com; + server_name x.com; + server_name *.x.com; + server_name *.twitter.com; + + include cert.conf; + location / { + proxy_pass https://twitter-com/; + include Twitter.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name platform.twitter.com; + server_name platform.x.com; + + include cert.conf; + location / { + resolver public1.alidns.com:53 valid=300; + set $platform_twitter platform.twitter.map.fastly.net; + proxy_pass https://$platform_twitter:443/; + include Twitter.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name upload.twitter.com; + server_name upload.x.com; + + include cert.conf; + location / { + proxy_pass https://upload-twitter-com/; + include Twitter.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name ton.twitter.com; + server_name ton.x.com; + + include cert.conf; + location / { + proxy_pass https://ton-twitter-com/; + include Twitter.params ; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name api.twitter.com; + server_name api.x.com; + + include cert.conf; + location / { + proxy_pass https://api-twitter-com/; + tcp_nodelay on; + proxy_set_header Cookie $http_cookie; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + include Twitter.params ; + } +} + +upstream twimg-com { + #server 104.244.42.201:443; + #server 104.244.43.131:443; + server 146.75.20.157:443; + server 146.75.20.158:443; + server 146.75.20.159:443; + server 146.75.20.160:443; + server 146.75.112.157:443; + server 146.75.112.158:443; + server 146.75.112.159:443; + server 146.75.112.160:443; + server 151.101.64.157:443; + server 151.101.64.158:443; + server 151.101.64.159:443; + server 151.101.64.160:443; + server 151.101.76.157:443; + server 151.101.76.158:443; + #server 151.101.76.159:443; + server 151.101.76.160:443; + server 151.101.88.157:443; + server 151.101.88.158:443; + server 151.101.88.159:443; + server 151.101.88.160:443; + #server 151.101.108.157:443; + server 151.101.108.158:443; + server 151.101.108.160:443; + server 151.101.112.157:443; + server 151.101.112.158:443; + server 151.101.112.159:443; + server 151.101.112.160:443; + server 151.101.128.157:443; + server 151.101.128.158:443; + server 151.101.128.159:443; + server 151.101.128.160:443; + server 151.101.192.157:443; + server 151.101.192.158:443; + server 151.101.192.159:443; + server 151.101.192.160:443; + server 199.232.208.157:443; + server 199.232.208.158:443; + server 199.232.208.159:443; + server 199.232.208.160:443; + server 199.232.212.157:443; + server 199.232.212.158:443; + server 199.232.212.159:443; + server 199.232.212.160:443; + server 199.232.232.157:443; + server 199.232.232.158:443; + server 199.232.232.159:443; + server 199.232.232.160:443; + keepalive 16; + keepalive_time 1h; + keepalive_timeout 120s; + keepalive_requests 1000; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name *.twimg.com; + + include cert.conf; + location / { + proxy_pass https://twimg-com/; + include Twitter.params; + keepalive_timeout 120; + } +} + +upstream video-twimg-com { + #server 117.18.232.102:443; + server 146.75.48.157:443; + server 146.75.48.158:443; + server 146.75.48.159:443; + server 146.75.48.160:443; + #server 151.101.108.157:443; + server 151.101.108.158:443; + server 151.101.108.160:443; + server 167.82.84.158:443; + server 192.229.232.217:443; + server 192.229.210.163:443; + server 199.232.44.157:443; + server 199.232.100.159:443; + server 199.232.104.160:443; + server 199.232.236.158:443; + server [2a04:4e42:1a::157]:443; + server [2a04:4e42:1a::158]:443; + server [2a04:4e42:1a::159]:443; + server [2a04:4e42:1a::160]:443; + server [2606:2800:247:22e4:1f0b:18b4:207d:15b0]:443; + server [2606:2800:21f:dc2:1fe1:23fc:954:1461]:443; +} + +upstream t-co { + #server 104.244.45.150:443; + server 104.244.45.5:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name t.co; + + include cert.conf; + location / { + proxy_pass https://t-co/; + include Twitter.params; + } +} + +upstream jf-x-com { + server 35.155.77.250:443; + server 52.33.255.168:443; + server 44.240.80.13:443; + server 35.160.104.26:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name jf.x.com; + + include cert.conf; + location / { + proxy_pass https://jf-x-com/; + include Twitter.params; + } +} +# twitter End \ No newline at end of file diff --git a/conf/Twitter.params b/conf/Twitter.params new file mode 100644 index 0000000..9092613 --- /dev/null +++ b/conf/Twitter.params @@ -0,0 +1,8 @@ +access_log logs/Twitter-access.log main buffer=4k; +error_log logs/Twitter-error.log; +proxy_headers_hash_max_size 8192; +proxy_buffer_size 128k; +proxy_buffers 4 256k; +proxy_busy_buffers_size 256k; +proxy_connect_timeout 2; +include proxy.params; \ No newline at end of file diff --git a/conf/WallHaven.conf b/conf/WallHaven.conf new file mode 100644 index 0000000..91914f2 --- /dev/null +++ b/conf/WallHaven.conf @@ -0,0 +1,33 @@ +# WallHaven Start + + +upstream WallHaven-cc { + server 15.235.80.145:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name wallhaven.cc; + server_name w.wallhaven.cc; + server_name www.wallhaven.cc; + server_name th.wallhaven.cc; + server_name static.wallhaven.cc; + server_name alpha.wallhaven.cc; + + include cert.conf; + client_max_body_size 50M; + + location / { + proxy_max_temp_file_size 0; + proxy_pass https://15.235.80.145/; + proxy_buffer_size 64k; + proxy_buffers 32 64k; + proxy_busy_buffers_size 128k; + #proxy_set_header X-Host $host; + #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + #proxy_set_header X-Real_IP $remote_addr; + include proxy.params; + } +} +# WallHaven End \ No newline at end of file diff --git a/conf/cert.conf b/conf/cert.conf new file mode 100644 index 0000000..bb8fb16 --- /dev/null +++ b/conf/cert.conf @@ -0,0 +1,2 @@ +ssl_certificate ca/pixiv.net.crt; +ssl_certificate_key ca/pixiv.net.key; \ No newline at end of file diff --git a/conf/fastcgi.conf b/conf/fastcgi.conf index 091738c..0582e00 100644 --- a/conf/fastcgi.conf +++ b/conf/fastcgi.conf @@ -1,26 +1,26 @@ - -fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; -fastcgi_param QUERY_STRING $query_string; -fastcgi_param REQUEST_METHOD $request_method; -fastcgi_param CONTENT_TYPE $content_type; -fastcgi_param CONTENT_LENGTH $content_length; - -fastcgi_param SCRIPT_NAME $fastcgi_script_name; -fastcgi_param REQUEST_URI $request_uri; -fastcgi_param DOCUMENT_URI $document_uri; -fastcgi_param DOCUMENT_ROOT $document_root; -fastcgi_param SERVER_PROTOCOL $server_protocol; -fastcgi_param REQUEST_SCHEME $scheme; -fastcgi_param HTTPS $https if_not_empty; - -fastcgi_param GATEWAY_INTERFACE CGI/1.1; -fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; - -fastcgi_param REMOTE_ADDR $remote_addr; -fastcgi_param REMOTE_PORT $remote_port; -fastcgi_param SERVER_ADDR $server_addr; -fastcgi_param SERVER_PORT $server_port; -fastcgi_param SERVER_NAME $server_name; - -# PHP only, required if PHP was built with --enable-force-cgi-redirect -fastcgi_param REDIRECT_STATUS 200; + +fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/conf/fastcgi_params b/conf/fastcgi_params index 28decb9..091738c 100644 --- a/conf/fastcgi_params +++ b/conf/fastcgi_params @@ -1,4 +1,5 @@ +fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; diff --git a/conf/instagram.conf b/conf/instagram.conf new file mode 100644 index 0000000..6187b61 --- /dev/null +++ b/conf/instagram.conf @@ -0,0 +1,95 @@ +#upstream instagram-com { +# server [2a03:2880:f25e:1e4:face:b00c:0:4420]:443; +#} +upstream list-cdn-ins { + #故障,弃用 server [2a03:2880:f25a:cc:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#香港hkt1 + #故障,弃用 server [2a03:2880:f25a:1c2:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#香港hkt2 + server [2a03:2880:f25e:1e4:face:b00c:0:4420]:443 max_fails=10 fail_timeout=60s;#不明香港服务器但可用 + server [2a03:2880:f215:c3:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#香港hkg1-1 + server [2a03:2880:f215:1d2:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#香港hkg1-2 + server [2a03:2880:f25e:ca:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#香港hkg4-1 + server [2a03:2880:f25e:1ca:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#香港hkg4-2 + #故障,弃用 server [2a03:2880:f20f:c4:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#日本nrt1 + #故障,弃用 server [2a03:2880:f20f:1d0:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#日本nrt2 + server [2a03:2880:f24e:cb:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#日本itm1 + server [2a03:2880:f20c:c4:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#新加坡sin6-1 + server [2a03:2880:f20c:2c4:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#新加坡sin6-2 + server [2a03:2880:f20c:1ca:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#新加坡sin6-3 + server [2a03:2880:f20c:3c2:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#新加坡sin6-4 + server [2a03:2880:f25c:cc:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#新加坡XSP1-1 + server [2a03:2880:f25c:1cc:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#新加坡XSP1-2 + server [2a03:2880:f25c:2c7:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#新加坡XSP1-3 + server [2a03:2880:f286:c9:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#新加坡XSP2-1 + #故障,弃用 server [2a03:2880:f24a:ca:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#韩国GMP + keepalive 16; + keepalive_time 1h; + keepalive_timeout 300s; + keepalive_requests 10000; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name edge-chat.instagram.com; + + access_log logs/Instagram-access.log main buffer=4k; + error_log logs/Instagram-error.log; + + include cert.conf; + location / { + proxy_pass https://list-cdn-ins/; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include Proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name gateway.instagram.com; + + access_log logs/Instagram-access.log main buffer=4k; + error_log logs/Instagram-error.log; + + include cert.conf; + location / { + proxy_pass https://[2a03:2880:f05e:115:face:b00c:0:6206]:443/; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include Proxy.params; + } +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name *.cdninstagram.com; + + server_name ig.me; + server_name *.ig.me; + server_name instagr.am; + server_name *.instagr.am; + server_name Instagram.com; + server_name *.Instagram.com; + + access_log logs/Instagram-access.log main buffer=4k; + error_log logs/Instagram-error.log; + + include cert.conf; + location / { + proxy_pass https://list-cdn-ins/; + include proxy.params; + + proxy_set_header Connection ""; + proxy_buffer_size 128k; + proxy_buffers 16 32k; + proxy_busy_buffers_size 128k; + + proxy_next_upstream error timeout http_429 http_500 http_502 http_503 http_504 non_idempotent; + proxy_connect_timeout 2; + proxy_next_upstream_timeout 60; + proxy_send_timeout 5; + proxy_read_timeout 5; + keepalive_timeout 120; + } +} \ No newline at end of file diff --git a/conf/iwaras.conf b/conf/iwaras.conf new file mode 100644 index 0000000..6069071 --- /dev/null +++ b/conf/iwaras.conf @@ -0,0 +1,12 @@ +access_log logs/iwara-access.gzip main gzip=4 buffer=4k; +error_log logs/iwara-error.log; + +proxy_next_upstream_timeout 12; +proxy_connect_timeout 3; +proxy_send_timeout 3; +proxy_read_timeout 3; + +proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +proxy_set_header X-Real_IP $remote_addr; +include proxy.params; +proxy_ssl_name $http_host; diff --git a/conf/mime.types b/conf/mime.types index 8a2348a..4321314 100644 --- a/conf/mime.types +++ b/conf/mime.types @@ -15,6 +15,8 @@ types { text/vnd.wap.wml wml; text/x-component htc; + image/avif avif; + image/bmp bmp; image/png png; image/svg+xml svg svgz; image/tiff tif tiff; @@ -22,9 +24,10 @@ types { image/webp webp; image/x-icon ico; image/x-jng jng; - image/x-ms-bmp bmp; - application/font-woff woff; + font/woff woff; + font/woff2 woff2; + application/java-archive jar war ear; application/json json; application/mac-binhex40 hqx; @@ -33,6 +36,7 @@ types { application/postscript ps eps ai; application/rtf rtf; application/vnd.apple.mpegurl m3u8; + application/vnd.debian.binary-package deb udeb; application/vnd.google-earth.kml+xml kml; application/vnd.google-earth.kmz kmz; application/vnd.ms-excel xls; @@ -48,7 +52,9 @@ types { xlsx; application/vnd.openxmlformats-officedocument.wordprocessingml.document docx; + application/vnd.rar rar; application/vnd.wap.wmlc wmlc; + application/wasm wasm; application/x-7z-compressed 7z; application/x-cocoa cco; application/x-java-archive-diff jardiff; @@ -56,7 +62,6 @@ types { application/x-makeself run; application/x-perl pl pm; application/x-pilot prc pdb; - application/x-rar-compressed rar; application/x-redhat-package-manager rpm; application/x-sea sea; application/x-shockwave-flash swf; @@ -69,7 +74,6 @@ types { application/zip zip; application/octet-stream bin exe dll; - application/octet-stream deb; application/octet-stream dmg; application/octet-stream iso img; application/octet-stream msi msp msm; diff --git a/conf/nginx.conf b/conf/nginx.conf index be56c06..8179ca5 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,36 +1,57 @@ #user nobody; -worker_processes 1; +#worker_cpu_affinity auto; +worker_processes 6; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; -#pid logs/nginx.pid; events { - worker_connections 1024; + #use icop; + #multi_accept on; + worker_connections 32767; } - http { - include mime.types; - default_type application/octet-stream; + resolver 223.5.5.5; + resolver_timeout 5s; + #include mime.types; + #default_type application/octet-stream; + ssl_protocols TLSv1.2 TLSv1.3 TLSv1 TLSv1.1 SSLv2 SSLv3; + #ssl_ciphers "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"; + log_format main '[$time_local]- 客户端地址:"$remote_addr" 请求耗时"$request_time" 域名:$http_host 监听地址:$server_addr 监听端口:$server_port $server_protocol\n 上游状态"$upstream_status" 上游地址:"$upstream_addr" $status 总字节数$body_bytes_sent\n "$http_referer" "$http_x_forwarded_for" \n    "$request"\n';# "$http_user_agent" + access_log logs/access.log main buffer=4k; + open_log_file_cache max=1000 inactive=1m valid=1m min_uses=1; + fastcgi_buffers 16 128k; - #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - # '$status $body_bytes_sent "$http_referer" ' - # '"$http_user_agent" "$http_x_forwarded_for"'; - - #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; - keepalive_timeout 65; - client_max_body_size 100m; + + keepalive_timeout 120; + keepalive_requests 30000; + client_max_body_size 200m; server_names_hash_max_size 512; server_names_hash_bucket_size 1024; + gzip on; + include Pixiv.conf; + include E-hentai.conf; + include Steam.conf; + #include DLsite.conf; + include Instagram.conf; + #include iwara.conf;#根据使用情况自行替换iwara.conf和iwara2.conf + include Reddit.conf; + include Discord.conf; + include Twitter.conf; + include Twitch.conf; + include WallHaven.conf; + #include Patreon.conf; + include PayPal.conf; + include nhentai.conf; + include WebUI.conf; + #include ShortLink.conf; + include GoogleVideo.conf; - #gzip on; - - include pixiv.conf; -} +} \ No newline at end of file diff --git a/conf/proxy.params b/conf/proxy.params new file mode 100644 index 0000000..0b3b571 --- /dev/null +++ b/conf/proxy.params @@ -0,0 +1,8 @@ +proxy_http_version 1.1; +proxy_set_header Host $http_host; +proxy_set_header User-Agent $http_user_agent; +proxy_set_header Accept-Encoding ''; +proxy_buffering off; +proxy_ssl_server_name on; +#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +#proxy_set_header X-Real_IP $remote_addr; \ No newline at end of file