From 26adb4235d87843b074ccac3ba1786c06715c9db Mon Sep 17 00:00:00 2001 From: c15412 <70379135+c15412@users.noreply.github.com> Date: Tue, 27 Aug 2024 18:34:08 +0800 Subject: [PATCH] Add files via upload Update the upstream of Steam, Pixiv, E-hentai Add Server : Discord (IPv4) Instagram (IPv6 Only, Local DNS rewrite required to rewrite all subdomains) WallHaven (IPv4, image CDN Only, excluding pages) Reddit (IPv4, Local DNS rewrite required to rewrite all subdomains) Twitter (IPv4, Local DNS rewrite required to rewrite all subdomains) Twitch (IPv4, Local DNS And DoH were required to rewrite all subdomains) GoogleCDN (File Server IPv6 Only, website pages and IPv4 servers were not included, Local DNS rewrite required to rewrite all subdomains) --- conf/Discord.conf | 183 ++++++++++++ conf/E-hentai.conf | 162 +++++++++++ conf/GV.conf | 20 ++ conf/GoogleVideo.conf | 159 +++++++++++ conf/PayPal.conf | 32 +++ conf/Pixiv.conf | 649 ++++++++++++++++++++++++++++++++++++++++++ conf/Reddit.conf | 52 ++++ conf/Steam.conf | 317 +++++++++++++++++++++ conf/SteamCDN..conf | 12 + conf/Twitch.conf | 510 +++++++++++++++++++++++++++++++++ conf/Twitch.params | 2 + conf/Twitter.conf | 288 +++++++++++++++++++ conf/Twitter.params | 8 + conf/WallHaven.conf | 33 +++ conf/cert.conf | 2 + conf/fastcgi.conf | 52 ++-- conf/fastcgi_params | 1 + conf/instagram.conf | 95 +++++++ conf/iwaras.conf | 12 + conf/mime.types | 12 +- conf/nginx.conf | 55 ++-- conf/proxy.params | 8 + 22 files changed, 2617 insertions(+), 47 deletions(-) create mode 100644 conf/Discord.conf create mode 100644 conf/E-hentai.conf create mode 100644 conf/GV.conf create mode 100644 conf/GoogleVideo.conf create mode 100644 conf/PayPal.conf create mode 100644 conf/Pixiv.conf create mode 100644 conf/Reddit.conf create mode 100644 conf/Steam.conf create mode 100644 conf/SteamCDN..conf create mode 100644 conf/Twitch.conf create mode 100644 conf/Twitch.params create mode 100644 conf/Twitter.conf create mode 100644 conf/Twitter.params create mode 100644 conf/WallHaven.conf create mode 100644 conf/cert.conf create mode 100644 conf/instagram.conf create mode 100644 conf/iwaras.conf create mode 100644 conf/proxy.params diff --git a/conf/Discord.conf b/conf/Discord.conf new file mode 100644 index 0000000..e2d8d0c --- /dev/null +++ b/conf/Discord.conf @@ -0,0 +1,183 @@ +# Discord Start +upstream DiscordApp-com { + server 162.159.129.233:443; + server 162.159.130.233:443; + server 162.159.133.233:443; + server 162.159.134.233:443; + server 162.159.135.233:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name discordapp.com; + server_name url9177.discordapp.com; + server_name canary-api.discordapp.com; + server_name cdn-ptb.discordapp.com; + server_name ptb.discordapp.com; + server_name status.discordapp.com; + server_name cdn-canary.discordapp.com; + server_name cdn.discordapp.com; + server_name streamkit.discordapp.com; + server_name i18n.discordapp.com; + server_name url9624.discordapp.com; + server_name url7195.discordapp.com; + server_name merch.discordapp.com; + server_name printer.discordapp.com; + server_name canary.discordapp.com; + server_name apps.discordapp.com; + server_name pax.discordapp.com; + + ssl_certificate ca/pixiv.net.crt; + ssl_certificate_key ca/pixiv.net.key; + + location / { + proxy_pass https://DiscordApp-com/; + include proxy.params; + } +} + +upstream Discord-com { + server 162.159.135.232:443; + server 162.159.136.232:443; + server 162.159.137.232:443; + server 162.159.138.232:443; + server 162.159.128.233:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name discord.com; + server_name status.discord.com; + server_name streamkit.discord.com; + server_name feedback.discord.com; + server_name click.discord.com; + server_name pax.discord.com; + server_name printer.discord.com; + server_name ptb.discord.com; + server_name canary.discord.com; + server_name bugs.discord.com; + server_name i18n.discord.com; + + ssl_certificate ca/pixiv.net.crt; + ssl_certificate_key ca/pixiv.net.key; + + location / { + proxy_pass https://Discord-com/; + tcp_nodelay on; + #proxy_set_header Upgrade $http_upgrade; + #proxy_set_header Connection "Upgrade"; + proxy_headers_hash_max_size 8192; + proxy_buffer_size 128k; + proxy_buffers 4 256k; + proxy_busy_buffers_size 256k; + proxy_set_header Cookie $http_cookie; + include proxy.params; + } +} + +upstream Discord-gg { + server 162.159.130.234:443; + server 162.159.133.234:443; + server 162.159.134.234:443; + server 162.159.135.234:443; + server 162.159.126.234:443; + keepalive 32; + keepalive_time 1h; + keepalive_timeout 60s; + keepalive_requests 64; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name discord.gg; + server_name gateway.discord.gg; + server_name gateway-us-east1-b.discord.gg; + + ssl_certificate ca/pixiv.net.crt; + ssl_certificate_key ca/pixiv.net.key; + + location / { + proxy_pass https://Discord-gg/; + tcp_nodelay on; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + include proxy.params; + } +} + +upstream support-Discord-com { + server 104.16.51.111:443; + server 104.16.53.111:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name support.discord.com; + server_name safety.discord.com; + server_name support-dev.discord.com; + + ssl_certificate ca/pixiv.net.crt; + ssl_certificate_key ca/pixiv.net.key; + + location / { + proxy_pass https://support-Discord-com/; + include proxy.params; + } +} + +upstream dl-discordapp-net { + server 162.159.129.232:443; + server 162.159.130.232:443; + server 162.159.133.232:443; + server 162.159.134.232:443; + server 162.159.128.233:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name dl.discordapp.net; + + ssl_certificate ca/pixiv.net.crt; + ssl_certificate_key ca/pixiv.net.key; + + location / { + proxy_pass https://dl-discordapp-net/; + include proxy.params; + } +} + +upstream media-discordapp-net { + server 162.159.128.232:443; + server 162.159.129.232:443; + server 162.159.130.232:443; + server 162.159.133.232:443; + server 162.159.134.232:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name media.discordapp.net; + server_name images-ext-2.discordapp.net; + server_name images-ext-1.discordapp.net; + + ssl_certificate ca/pixiv.net.crt; + ssl_certificate_key ca/pixiv.net.key; + + location / { + proxy_pass https://media-discordapp-net/; + proxy_http_version 1.1; + proxy_set_header Host media.discordapp.net; + proxy_set_header User-Agent $http_user_agent; + proxy_set_header Accept-Encoding ''; + proxy_ssl_server_name on; + proxy_buffering off; + } +} + +# Discord End \ No newline at end of file diff --git a/conf/E-hentai.conf b/conf/E-hentai.conf new file mode 100644 index 0000000..b2e74ad --- /dev/null +++ b/conf/E-hentai.conf @@ -0,0 +1,162 @@ +# E-Hentai Start +upstream exhentai-lb { + server 178.175.128.252:443; + server 178.175.128.254:443; + server 178.175.129.252:443; + server 178.175.129.254:443; + server 178.175.132.20:443; + server 178.175.132.22:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name exhentai.org; + server_name *.exhentai.org; + + access_log logs/E-hentai-access.log main buffer=4k; + error_log logs/E-hentai-error.log; + + include cert.conf; + + location / { + proxy_pass https://exhentai-lb/; + proxy_next_upstream_timeout 75; + proxy_connect_timeout 10; + proxy_send_timeout 5; + proxy_read_timeout 5; + include proxy.params; + } +} + +upstream e-hentai-lb { + server 212.7.202.35:443; + server 212.7.202.48:443; + server 212.7.200.92:443; + server 212.7.200.95:443; + keepalive 4; + keepalive_timeout 120s; + keepalive_requests 10000; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name e-hentai.org; + server_name r.e-hentai.org; + server_name g.e-hentai.org; + server_name lofi.e-hentai.org; + + access_log logs/E-hentai-access.log main buffer=4k; + error_log logs/E-hentai-error.log; + + include cert.conf; + + location / { + proxy_pass https://e-hentai-lb/; + proxy_next_upstream_timeout 100; + proxy_connect_timeout 10; + include proxy.params; + } +} + +upstream forums-e-hentai-lb { + server 94.100.18.243:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name forums.e-hentai.org; + + access_log logs/E-hentai-access.log main buffer=4k; + error_log logs/E-hentai-error.log; + + include cert.conf; + + location / { + proxy_pass https://94.100.18.243:443/; + include proxy.params; + } +} + +upstream api-e-hentai-lb { + server 212.7.202.51:443; + server 212.7.200.104:443; + keepalive 2; + keepalive_timeout 120s; + keepalive_requests 10000; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name api.e-hentai.org; + + access_log logs/E-hentai-access.log main buffer=4k; + error_log logs/E-hentai-error.log; + + include cert.conf; + + location / { + proxy_pass https://api-e-hentai-lb/; + proxy_connect_timeout 10; + include proxy.params; + } +} + +upstream upload-e-hentai-lb { + server 94.100.18.247:443; + server 94.100.18.249:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name upld.e-hentai.org; + server_name upload.e-hentai.org; + + access_log logs/E-hentai-access.log main buffer=4k; + error_log logs/E-hentai-error.log; + + include cert.conf; + + location / { + client_max_body_size 400M; + fastcgi_connect_timeout 3000; + fastcgi_send_timeout 3000; + fastcgi_read_timeout 3000; + proxy_pass https://upload-e-hentai-lb/; + include proxy.params; + } +} + +upstream ehgt-org { + server 37.48.89.44:443; + server 81.171.10.48:443; + server 178.162.139.24:443; + server 178.162.140.212:443; + server [2001:1af8:4700:a062:9::47de]:443; + server [2001:1af8:4700:a062:8::47de]:443; + server [2001:1af8:4700:a0c9:4::47de]:443; + server [2001:1af8:4700:a0c9:3::47de]:443; + #server ehgt.c15412.tk:443; +} +server { + listen 443 ssl http2; + listen 127.0.0.2:443 ssl http2; + listen [::]:443 ssl http2; + server_name ehgt.org; + + access_log logs/E-hentai-access.log main buffer=4k; + error_log logs/E-hentai-error.log; + + include cert.conf; + + location / { + proxy_pass https://ehgt-org/; + proxy_connect_timeout 5; + include proxy.params; + } +} +# E-Hentai End \ No newline at end of file diff --git a/conf/GV.conf b/conf/GV.conf new file mode 100644 index 0000000..18d91dd --- /dev/null +++ b/conf/GV.conf @@ -0,0 +1,20 @@ +proxy_max_temp_file_size 0; +keepalive_timeout 120s; +keepalive_requests 30000; +#limit_rate_after 1M; +limit_rate 2M; +resolver 119.29.29.29:53 valid=1h ipv4=off ipv6=on; +if ( $http_host ~ (([\S\s]*).googlevideo.com) ){ + proxy_pass https://$2.${domain_SUFFIX}:443; +#$2是匹配上的变量部分 +} + +proxy_set_header Connection ""; +proxy_connect_timeout 5; +proxy_set_header Range $http_range; +proxy_set_header If-Range $http_if_range; +include proxy.params; + +#access_log logs/GoogleVideo-access.log GoogleVideo buffer=4k gzip=4; +access_log off; +error_log logs/GoogleVideo-error.log warn; \ No newline at end of file diff --git a/conf/GoogleVideo.conf b/conf/GoogleVideo.conf new file mode 100644 index 0000000..c8bae2f --- /dev/null +++ b/conf/GoogleVideo.conf @@ -0,0 +1,159 @@ + +upstream Google-Video { + server 127.0.0.129:65496; + server 127.0.0.129:65497; + server 127.0.0.129:65498; + server 127.0.0.129:65499; + server 127.0.0.129:65500; + server 127.0.0.129:65501; + server 127.0.0.129:65502; + server 127.0.0.129:65503; + server 127.0.0.129:65504; +} + +log_format GoogleVideo '[$time_local]- 请求耗时"$request_time" $http_host 服务器地址:$proxy_host $server_protocol\n 上游状态"$upstream_status" 上游地址:"$upstream_addr"\n $status 总字节数$body_bytes_sent'; + +server { + listen 127.0.0.129:65496 ssl; + server_name *.googlevideo.com; + + include cert.conf; + location / { + set $domain_SUFFIX "offline-maps.gvt1.com"; + include GV.conf; + } +} +server { + listen 127.0.0.129:65497 ssl; + server_name *.googlevideo.com; + + include cert.conf; + location / { + set $domain_SUFFIX "c.2mdn.net"; + include GV.conf; + } +} +server { + listen 127.0.0.129:65498 ssl; + server_name *.googlevideo.com; + + include cert.conf; + location / { + set $domain_SUFFIX "bdn.dev"; + include GV.conf; + } +} +server { + listen 127.0.0.129:65499 ssl; + server_name *.googlevideo.com; + + include cert.conf; + location / { + set $domain_SUFFIX "gvt1.com"; + include GV.conf; + } +} +server { + listen 127.0.0.129:65500 ssl; + server_name *.googlevideo.com; + + include cert.conf; + location / { + set $domain_SUFFIX "xn--ngstr-lra8j.com"; + include GV.conf; + } +} +server { + listen 127.0.0.129:65501 ssl; + server_name *.googlevideo.com; + + include cert.conf; + location / { + set $domain_SUFFIX "snap.gvt1.com"; + include GV.conf; + } +} +server { + listen 127.0.0.129:65502 ssl; + server_name *.googlevideo.com; + + include cert.conf; + location / { + set $domain_SUFFIX "gcpcdn.gvt1.com"; + include GV.conf; + } +} +server { + listen 127.0.0.129:65503 ssl; + server_name *.googlevideo.com; + + include cert.conf; + location / { + set $domain_SUFFIX "c.bigcache.googleapis.com"; + include GV.conf; + } +} +server { + listen 127.0.0.129:65504 ssl; + server_name *.googlevideo.com; + + include cert.conf; + location / { + set $domain_SUFFIX "c.googlesyndication.com"; + include GV.conf; + } +} + + +#  GoogleVideo.com +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + access_log logs/GoogleVideo-access.gzip main gzip=4 buffer=4k; + error_log logs/GoogleVideo-error.log; + + server_name *.googlevideo.com; + + include cert.conf; + location / { + proxy_max_temp_file_size 0; + keepalive_timeout 120s; + #resolver [::1]:53 valid=180s ipv4=off ipv6=on; + proxy_pass https://Google-Video; + proxy_next_upstream_timeout 60; + proxy_set_header X-Host $host; + proxy_set_header Range $http_range; + proxy_set_header If-Range $http_if_range; + include proxy.params; + proxy_ssl_name $host; + } +} +# GoogleVideo End + + +#  ggpht.com +upstream ggpht-com { + server [2607:f8b0:4002:c10::84]:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + access_log off; + error_log logs/GoogleVideo-error.log; + + server_name *.ggpht.com; + + include cert.conf; + location / { + proxy_max_temp_file_size 0; + keepalive_timeout 120s; + #resolver [::1]:53 valid=180s ipv4=off ipv6=on; + proxy_pass https://ggpht-com; + proxy_next_upstream_timeout 30; + include proxy.params; + proxy_set_header Range $http_range; + proxy_set_header If-Range $http_if_range; + } +} \ No newline at end of file diff --git a/conf/PayPal.conf b/conf/PayPal.conf new file mode 100644 index 0000000..aedb12a --- /dev/null +++ b/conf/PayPal.conf @@ -0,0 +1,32 @@ + +# PayPal Start +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name checkout.paypal.com; + + include cert.conf; + + location / { + resolver 223.5.5.5 valid=300s; + set $checkout_paypal d37t8d3i48djc7.cloudfront.net; + proxy_pass https://$checkout_paypal:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name c.paypal.com; + + include cert.conf; + + location / { + resolver 223.5.5.5 valid=300s; + set $c_paypal c-fastly.glb.paypal.com; + proxy_pass https://$c_paypal:443/; + include proxy.params; + } +} +# PayPal End \ No newline at end of file diff --git a/conf/Pixiv.conf b/conf/Pixiv.conf new file mode 100644 index 0000000..5fb88e3 --- /dev/null +++ b/conf/Pixiv.conf @@ -0,0 +1,649 @@ +upstream www-pixiv-net { + server 210.140.131.181:443; + server 210.140.131.183:443; + server 210.140.131.185:443; + server 210.140.131.119:443; + server 210.140.131.220:443; + server 210.140.131.222:443; + server 210.140.131.223:443; + server 210.140.131.224:443; + server 210.140.131.225:443; + server 210.140.131.226:443; + keepalive 16; + keepalive_timeout 120s; + keepalive_requests 10000; +} + +upstream account-pixiv-net { + server 210.140.131.219:443; + server 210.140.131.223:443; + server 210.140.131.226:443; + keepalive 4; + keepalive_timeout 120s; + keepalive_requests 10000; +} + +upstream ssl-pixiv-net { + server 210.140.92.192:443; + server 210.140.92.193:443; + server 210.140.92.183:443; +} + +upstream sketch-pixiv-net { + server 210.140.174.37:443; + server 210.140.170.179:443; + server 210.140.175.130:443; + keepalive 3; + keepalive_timeout 120s; + keepalive_requests 10000; +} + +upstream sketch-hls-server { + server 210.140.214.211:443; + server 210.140.214.212:443; + server 210.140.214.213:443; + keepalive 3; + keepalive_timeout 120s; + keepalive_requests 10000; +} + +upstream imgaz-pixiv-net { + server 210.140.131.145:443; + server 210.140.131.144:443; + server 210.140.131.147:443; + server 210.140.131.153:443; + keepalive 4; + keepalive_timeout 120s; + keepalive_requests 10000; +} + +upstream i-pximg-net { + #server s.pximg.net:443; + #server 210.140.92.134:443; + #server 210.140.92.135:443; + #server 210.140.92.136:443; + #server 210.140.92.137:443; + #server 210.140.92.138:443; + #server 210.140.92.139:443; + #server 210.140.92.140:443; + server 210.140.92.141:443; + server 210.140.92.142:443; + server 210.140.92.143:443; + server 210.140.92.144:443; + server 210.140.92.145:443; + server 210.140.92.146:443; + server 210.140.92.148:443; + server 210.140.92.149:443; + server 210.140.139.131:443; + server 210.140.139.132:443; + server 210.140.139.133:443; + server 210.140.139.134:443; + server 210.140.139.135:443; + server 210.140.139.136:443; + + keepalive 16; + keepalive_timeout 120s; + keepalive_requests 10000; +} + +upstream fanbox-cc { + server 210.140.92.179:443; + server 210.140.92.180:443; + server 210.140.92.181:443; + server 210.140.92.182:443; + server 210.140.92.183:443; + server 210.140.92.184:443; + server 210.140.92.185:443; + server 210.140.92.186:443; + server 210.140.92.187:443; + + keepalive 16; + keepalive_timeout 120s; + keepalive_requests 10000; +} + +upstream app-api-pixiv-net { + server 210.140.131.218:443; + server 210.140.131.223:443; + server 210.140.131.226:443; +} + +# default_server Start +upstream rpc-hh { + server 94.100.24.67:80; + server 94.100.24.68:80; + server 94.100.24.69:80; +} +server { + listen 80 default_server; + listen [::]:80 default_server; + #if ($http_host != "rpc.hentaiathome.net") { + # + access_log off; + rewrite ^(.*) https://$host$1 permanent; + #} + #location / { + # proxy_pass http://rpc-hh/; + # proxy_http_version 1.1; + # proxy_next_upstream_timeout 10; + # proxy_connect_timeout 2; + # proxy_send_timeout 2; + # proxy_read_timeout 2; + # proxy_set_header Host $http_host; + # proxy_set_header User-Agent $http_user_agent; + # proxy_set_header Accept-Encoding ''; + # proxy_buffering off; + #} +} +# default_server End + +# Pixiv Start +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name www.pixiv.net; + + include cert.conf; + + client_max_body_size 50M; + + location / { + proxy_pass https://www-pixiv-net; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name accounts.pixiv.net; + server_name oauth.secure.pixiv.net; + server_name source.pixiv.net; + server_name app-api.pixiv.net; + server_name payment.pixiv.net; + server_name sensei.pixiv.net; + server_name dic.pixiv.net; + server_name en-dic.pixiv.net; + + include cert.conf; + + client_max_body_size 50M; + + location / { + proxy_pass https://account-pixiv-net/; + include proxy.params; + } +} + + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name pixiv.net; + server_name ssl.pixiv.net; + server_name touch.pixiv.net; + server_name factory.pixiv.net; + server_name fanbox.pixiv.net; + + include cert.conf; + + client_max_body_size 50M; + + location / { + proxy_pass https://ssl-pixiv-net; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name *.pximg.net; + + include cert.conf; + + location / { + proxy_pass https://i-pximg-net; + proxy_next_upstream_timeout 30; + proxy_connect_timeout 4; + proxy_set_header Referer "https://www.pixiv.net/"; + proxy_set_header Sec-Fetch-Site "cross-site"; + keepalive_timeout 120; + + include proxy.params; + allow all; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name downloads.fanbox.cc; + server_name *.fanbox.cc; + + include cert.conf; + + location / { + proxy_pass https://fanbox-cc/; + include proxy.params; + allow all; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name sketch.pixiv.net; + + include cert.conf; + + location / { + proxy_pass https://sketch-pixiv-net; + include proxy.params; + } + + # Proxying WebSockets + location /ws/ { + proxy_pass https://sketch-pixiv-net; + include proxy.params; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + #proxy_set_header Host $host; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name *.pixivsketch.net; + + include cert.conf; + + location / { + proxy_pass https://sketch-hls-server; + include proxy.params; + } +} + +#server { +# listen 443 ssl http2; +# listen [::]:443 ssl http2; +# server_name factory.pixiv.net; +# +# include cert.conf; +# +# location / { +# proxy_pass https://210.140.131.180:443/; +# proxy_http_version 1.1; +# include proxy.params; +# } +#} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name imgaz.pixiv.net; + server_name comic.pixiv.net; + server_name novel.pixiv.net; + server_name i1.pixiv.net; + server_name i2.pixiv.net; + server_name i3.pixiv.net; + server_name i4.pixiv.net; + + + include cert.conf; + + location / { + proxy_pass https://imgaz-pixiv-net; + include proxy.params; + } +} +# +#server { +# listen 443 ssl http2; +# listen [::]:443 ssl http2; +# +# include cert.conf; +# server_name app-api.pixiv.net; +# location / { +# proxy_pass https://app-api-pixiv-net; +# proxy_http_version 1.1; +# include proxy.params; +# } +#} +# Pixiv End + +# Wiki Start +upstream wikipedia-text-lb { + server 208.80.153.224:443; + #server 208.80.154.224:443; + server 91.198.174.192:443; + #server 103.102.166.224:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name *.wikipedia.org; + server_name *.m.wikipedia.org; + + include cert.conf; + + location / { + proxy_pass https://wikipedia-text-lb/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name wikimedia.org; + + include cert.conf; + + location / { + proxy_pass https://wikipedia-text-lb/; + include proxy.params; + } +} + +upstream wikipedia-upload-lb { + server 208.80.153.240:443; + server 208.80.154.240:443; + server 91.198.174.208:443; + server 103.102.166.240:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name upload.wikimedia.org; + + include cert.conf; + + location / { + proxy_pass https://wikipedia-upload-lb/; + include proxy.params; + } +} +# Wiki End + +# archiveofourown Start +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name *.archiveofourown.org; + server_name archiveofourown.org; + + include cert.conf; + + location / { + proxy_pass https://104.153.64.122:443/; + include proxy.params; + } +} +# archiveofourown End + +# Nyaa Start +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name sukebei.nyaa.si; + + include cert.conf; + + location / { + proxy_pass https://198.251.89.38:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name nyaa.si; + server_name www.nyaa.si; + + include cert.conf; + + location / { + proxy_pass https://185.178.208.182:443/; + include proxy.params; + } +} +# Nyaa End + +# github Start +upstream Github-com { + #server 140.82.112.3:443; + #server 140.82.112.4:443; + #server 140.82.113.3:443; + #server 140.82.113.4:443; + #server 140.82.114.3:443; + #server 140.82.114.4:443; + #server 140.82.116.3:443; + #server 140.82.116.4:443; + #server 140.82.121.3:443; + #server 140.82.121.4:443; + #server 52.69.186.44:443;# + #server 52.192.72.89:443;# + #server 52.78.231.108:443;#52.192.72.89 + #server 52.69.186.44:443; + server 20.205.243.166:443; + server 20.27.177.113:443; + server 20.200.245.247:443; +} + +upstream githubusercontent-com { + server 185.199.109.133:443; + server 185.199.108.133:443; + server 185.199.110.133:443; + server 185.199.111.133:443; + server 146.75.112.113:443; + server 146.75.20.133:443; + server 151.101.64.133:443; + server 151.101.76.133:443; + server 151.101.108.133:443; + server 151.101.128.133:443; + server 151.101.192.133:443; + server 151.101.228.133:443; + server 199.232.208.133:443; + server 199.232.212.133:443; + server 199.232.232.133:443; + server [2a04:4e42:12::133]:443; + server [2a04:4e42:15::133]:443; + server [2a04:4e42:1a::133]:443; + server [2a04:4e42:36::133]:443; + server [2a04:4e42:48::133]:443; + server [2a04:4e42:75::133]:443; + server [2a04:4e42:76::133]:443; + server [2a04:4e42:8c::133]:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name github.com; + server_name *.github.com; + + include cert.conf; + + location / { + proxy_pass https://Github-com/; + proxy_headers_hash_max_size 8192; + proxy_buffer_size 128k; + proxy_buffers 4 256k; + proxy_busy_buffers_size 256k; + include proxy.params; + } +} + +server { + listen 80; + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name githubusercontent.com; + server_name *.githubusercontent.com; + server_name githubassets.com; + server_name *.githubassets.com; + + include cert.conf; + + location / { + proxy_pass https://githubusercontent-com/; + proxy_connect_timeout 4; + proxy_read_timeout 1; + proxy_send_timeout 1; + proxy_next_upstream_timeout 32; + proxy_set_header Range $http_range; + proxy_set_header If-Range $http_if_range; + include proxy.params; + } +} +# github End + +# EA Start +upstream Origin-CDN { + server cctv4-lh.akamaihd.net:443; + server moviesok-i.akamaihd.net:443; + server vluki-a.akamaihd.net:443; + server hgtv-i.akamaihd.net:443; + server toots-a.akamaihd.net:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name origin-a.akamaihd.net; + + include cert.conf; + + location / { + proxy_pass https://Origin-CDN/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name api1.origin.com; + + include cert.conf; + + location / { + proxy_pass https://api2.origin.com:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name pc.ea.com; + + include cert.conf; + + location / { + proxy_pass https://e8688.e12.akamaiedge.net:443/; + include proxy.params; + } +} +# EA End + +# my-freenom-com Start +server { + listen 443 ssl so_keepalive=on; + listen [::]:443 ssl so_keepalive=on; + server_name my.freenom.com; + + include cert.conf; + + location / { + #resolver 223.5.5.5 valid=600; + set $my_freenom_com lb-my-freenom-com-vpc-2022-1373795610.eu-west-1.elb.amazonaws.com; + proxy_pass https://$my_freenom_com/; + include proxy.params; + #proxy_ssl_name $my_freenom_com; + + #proxy_set_header Cookie $http_cookie; + proxy_connect_timeout 10; + proxy_send_timeout 120; + proxy_read_timeout 120; + } +} +# my-freenom-com End + + +# wix Start +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name images-wixmp-ed30a86b8c4ca887773594c2.wixmp.com; + server_name images-wixmp-530a50041672c69d335ba4cf.wixmp.com; + + include cert.conf; + + location / { + proxy_pass https://34.96.91.138:443/; + + include proxy.params; + + proxy_set_header Cookie $http_cookie; + proxy_connect_timeout 4; + proxy_send_timeout 4; + proxy_read_timeout 4; + } +} +# wix End + +# pixeldrain Start +upstream pixeldrain-com { + server 50.7.24.66:443; + server [2001:49f0:d0f6:8::2]:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name pixeldrain.com; + + include cert.conf; + + location / { + proxy_pass https://pixeldrain-com/; + include proxy.params; + + proxy_set_header Cookie $http_cookie; + proxy_connect_timeout 4; + proxy_send_timeout 4; + proxy_read_timeout 4; + } +} +# pixeldrain End +# pixeldrain Start +upstream apkpure-com { + server [2606:4700:10::ac43:87f]:443; + server [2606:4700:10::6816:577]:443; + server [2606:4700:10::6816:477]:443; + server 104.22.4.119:443; + server 172.67.8.127:443; + server 104.22.5.119:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name apkpure.com *.apkpure.com; + include cert.conf; + + location / { + proxy_pass https://apkpure-com/; + include proxy.params; + proxy_set_header Cookie $http_cookie; + proxy_ssl_name "${http_host}"; + proxy_connect_timeout 4; + proxy_send_timeout 4; + proxy_read_timeout 4; + } +} +# pixeldrain End diff --git a/conf/Reddit.conf b/conf/Reddit.conf new file mode 100644 index 0000000..a38365f --- /dev/null +++ b/conf/Reddit.conf @@ -0,0 +1,52 @@ +# Reddit Start + +upstream Reddit { + server 146.75.21.140:443; + server 151.101.77.140:443; + server 151.101.89.140:443; + server 151.101.109.140:443; + #server 151.101.133.140:443; + ##级差为4个/24段,即为/22 + + keepalive 16; + keepalive_time 1h; + keepalive_timeout 300s; + keepalive_requests 4000; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name reddit.com; + server_name *.reddit.com; + server_name redd.it; + server_name *.redd.it; + server_name redditstatic.com; + server_name *.redditstatic.com; + server_name redditmedia.com; + server_name *.redditmedia.com; + + include cert.conf; + access_log logs/Reddit-access.log main buffer=4k; + error_log nul; + + location / { + proxy_max_temp_file_size 0; + proxy_buffer_size 64k; + proxy_buffers 32 64k; + proxy_busy_buffers_size 128k; + keepalive_timeout 120; + keepalive_requests 4000; + + proxy_pass https://Reddit/; + proxy_set_header Connection ""; + + proxy_set_header Range $http_range; + proxy_set_header If-Range $http_if_range; + proxy_next_upstream error timeout http_429 http_500 http_502 http_503 http_504 non_idempotent; + proxy_connect_timeout 3; + + include proxy.params; + } +} +# Reddit End \ No newline at end of file diff --git a/conf/Steam.conf b/conf/Steam.conf new file mode 100644 index 0000000..0cb44e6 --- /dev/null +++ b/conf/Steam.conf @@ -0,0 +1,317 @@ +upstream steam-store { + server 104.71.48.121:443 max_fails=2 fail_timeout=60s; + #server 23.1.179.144:443 max_fails=2 fail_timeout=60s;#HighPing + #server 23.45.56.78:443 max_fails=2 fail_timeout=60s;#HighPing + server 184.24.82.108:443 max_fails=2 fail_timeout=60s; + server 184.85.112.102:443 max_fails=2 fail_timeout=60s; + server 184.87.103.42:443 max_fails=2 fail_timeout=60s; + server 23.77.215.46:443 max_fails=2 fail_timeout=60s;# + server 23.51.142.168:443 max_fails=2 fail_timeout=60s;# + server 23.41.77.6:443 max_fails=2 fail_timeout=60s;# + #server 23.36.106.129:443 max_fails=2 fail_timeout=60s;#HighPing + #server 23.36.252.78:443 max_fails=2 fail_timeout=60s;#HighPing + server 23.208.81.63:443 max_fails=2 fail_timeout=60s;# + server 23.200.148.81:443 max_fails=2 fail_timeout=60s;# + server 23.200.152.81:443 max_fails=2 fail_timeout=60s;# + server 23.219.73.99:443 max_fails=2 fail_timeout=60s;# + server 23.211.57.127:443 max_fails=2 fail_timeout=60s;# + server 23.219.69.47:443 max_fails=2 fail_timeout=60s;# + #server 23.195.152.91:443 max_fails=2 fail_timeout=60s;#HighPing + server 23.198.37.119:443 max_fails=2 fail_timeout=60s;# + server 23.48.229.101:443 max_fails=2 fail_timeout=60s;# + keepalive 16; + keepalive_time 1h; + keepalive_timeout 300s; + keepalive_requests 10000; + + #server steampowered.com:443; + #server www.steampowered.com:443; + #server store.steampowered.com:443; +} +upstream steam-community { + server 23.1.179.144:443; + server 104.103.145.69:443; + server 104.91.87.202:443; + #server 104.78.121.166:443; + #server 104.85.204.121:443; + #server 104.103.245.88:443; + #server 104.124.156.199:443; + #server 104.127.87.210:443; + #server 184.26.129.66:443; + #server 23.45.56.78:443; + #server 23.53.54.51:443; + #server 23.58.33.236:443; + #server 23.212.216.106:443; +} + +upstream steam-chat { + #server humblebundle-a.akamaihd.net:443; + #server eaassets-a.akamaihd.net:443; + server 184.26.252.135:443; + #keepalive 8; + #keepalive_requests 10000; +} + +#upstream steam-cdn { +# server eaassets-a.akamaihd.net:443; +# server steamuserimages-a.akamaihd.net:443; +# server steamuserimages-a.akamaihd.net.edgesuite.net:443; +# #server steamstore-a.akamaihd.net:443; +# #server steamcommunity-a.akamaihd.net:443; +# server a1737.b.akamai.net:443; +# server a1843.g1.akamai.net:443; +# server a1507.dscw27.akamai.net:443; +# server a1639.dscb.akamai.net:443; +#} + +upstream steam-community302 { + server str001.steam302.xyz:443; + server str002.steam302.xyz:443; + server str003.steam302.xyz:443; +} + +# Steam Start +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name *.steamcommunity.com; + server_name steamcommunity.com; + + include cert.conf; + + location ^.*(discussions|comment|forum).*$ { + proxy_pass https://steam-community302/; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Real_IP $remote_addr; + include proxy.params; + } + + location / { + proxy_pass https://steam-community/; + + proxy_next_upstream_timeout 60; + proxy_connect_timeout 6; + proxy_send_timeout 6; + proxy_read_timeout 6; + include proxy.params; + #proxy_ssl_name $http_host; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + #resolver public1.alidns.com valid=300; + server_name store.steampowered.com; + server_name api.steampowered.com; + server_name checkout.steampowered.com; + server_name help.steampowered.com; + server_name login.steampowered.com; + server_name steampowered.com; + + include cert.conf; + #access_log logs/SteamCDN-access.log main; + access_log off; + error_log logs/SteamCDN-error.log; + + location / { + proxy_next_upstream_timeout 90; + proxy_connect_timeout 2; + proxy_pass https://steam-store/; + proxy_next_upstream error timeout http_403 http_429 http_500 http_502 http_503 http_504 non_idempotent; + include proxy.params; + #proxy_ssl_name $http_host; + } +} + +upstream steamstatic-akamai { + server 184.27.185.73:443; + server 184.27.185.76:443; + server 184.26.43.79:443; + server 184.26.43.80:443; + server 184.26.91.162:443; + server 184.26.91.47:443; + server 23.48.201.10:443; + server 23.48.201.16:443; + server 23.48.201.33:443; + server 23.48.201.34:443; + server 23.49.104.197:443; + server 23.49.104.200:443; + server 23.49.104.201:443; + server 23.49.104.202:443; + server 23.202.34.90:443; + server 23.202.34.91:443; + server 23.202.34.120:443; + server 23.202.34.250:443; + server 23.202.35.57:443; + server 23.202.35.90:443; + server 23.202.35.120:443; + server 23.202.35.250:443; + keepalive 32; + keepalive_time 1h; + keepalive_timeout 300s; + keepalive_requests 10000; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name community.akamai.steamstatic.com; + server_name community.cloudflare.steamstatic.com; + server_name community.steamstatic.com; + + include cert.conf; + + location / { + proxy_pass https://steamstatic-akamai; + proxy_http_version 1.1; + proxy_next_upstream_timeout 60; + proxy_connect_timeout 3; + proxy_next_upstream error timeout http_403 http_429 http_500 http_502 http_503 http_504 non_idempotent; + proxy_set_header Host "community.steamstatic.com"; + proxy_set_header User-Agent $http_user_agent; + proxy_set_header Accept-Encoding ''; + proxy_ssl_server_name off; + proxy_ssl_name "community.steamstatic.com"; + proxy_buffering off; + access_log off; + error_log logs/SteamCDN-error.log; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name steamuserimages-a.akamaihd.net; + server_name steamcdn-a.akamaihd.net; + server_name steamcommunity-a.akamaihd.net; + + include cert.conf; + + location / { + #set $rewrite_host "${http_host}.edgesuite.net"; + resolver public1.alidns.com valid=300 ipv4=on ipv6=off; + #proxy_pass https://$rewrite_host; + proxy_pass https://steamstatic-akamai; + proxy_connect_timeout 3s; + include proxy.params; + proxy_ssl_name $http_host; + access_log off; + error_log logs/SteamCDN-error.log; + } +} + +#SteamStatic 国内cdn:白山云eccdnx:st.dl.eccdnx.com +#阿里昆仑雀牛云cdn.queniuqe.com +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name cdn.cloudflare.steamstatic.com cdn.akamai.steamstatic.com cdn.steamstatic.com; + + include cert.conf; + + location / { + set $rewrite_host "media.st.dl.eccdnx.com"; + include SteamCDN..conf; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name clan.steamstatic.com clan.akamai.steamstatic.com clan.cloudflare.steamstatic.com; + + include cert.conf; + + location / { + set $rewrite_host "clan.st.dl.eccdnx.com"; + include SteamCDN..conf; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name avatars.steamstatic.com avatars.akamai.steamstatic.com avatars.cloudflare.steamstatic.com; + + include cert.conf; + + location / { + set $rewrite_host "avatars.st.dl.eccdnx.com"; + include SteamCDN..conf; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name store.steamstatic.com store.akamai.steamstatic.com store.cloudflare.steamstatic.com; + + include cert.conf; + + location / { + set $rewrite_host "store.st.dl.eccdnx.com"; + include SteamCDN..conf; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name shared.steamstatic.com shared.akamai.steamstatic.com shared.cloudflare.steamstatic.com; + + include cert.conf; + + location / { + set $rewrite_host "shared.st.dl.eccdnx.com"; + include SteamCDN..conf; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name video.steamstatic.com video.akamai.steamstatic.com video.cloudflare.steamstatic.com; + + include cert.conf; + + location / { + set $rewrite_host "video.steamstatic.com.edgesuite.net"; + resolver public1.alidns.com valid=300 ipv4=on ipv6=off; + proxy_pass https://$rewrite_host; + #proxy_pass https://steamstatic-akamai; + proxy_http_version 1.1; + proxy_connect_timeout 3s; + proxy_set_header Host "video.steamstatic.com"; + proxy_set_header User-Agent $http_user_agent; + proxy_set_header Accept-Encoding ''; + proxy_buffering off; + proxy_ssl_server_name off; + proxy_ssl_name "video.steamstatic.com"; + access_log off; + error_log logs/SteamCDN-error.log; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name steambroadcast.akamaized.net broadcast.akamai.steamstatic.com broadcast.cloudflare.steamstatic.com; + + include cert.conf; + + location / { + #set $source_host "broadcast.akamai.steamstatic.com"; + set $rewrite_host "${http_host}.edgesuite.net"; + resolver public1.alidns.com valid=300 ipv4=on ipv6=off; + #proxy_pass https://$rewrite_host; + proxy_pass https://steamstatic-akamai; + proxy_connect_timeout 3s; + + include proxy.params; + #proxy_ssl_name $source_host; + access_log off; + error_log logs/SteamCDN-error.log; + } +} + +# Steam End diff --git a/conf/SteamCDN..conf b/conf/SteamCDN..conf new file mode 100644 index 0000000..4053d93 --- /dev/null +++ b/conf/SteamCDN..conf @@ -0,0 +1,12 @@ +resolver 119.29.29.29 valid=300 ipv4=on ipv6=on;# ipv4=on ipv6=off +proxy_pass https://$rewrite_host; +proxy_http_version 1.1; +proxy_connect_timeout 4s; +proxy_set_header Host $rewrite_host; +proxy_set_header User-Agent $http_user_agent; +proxy_set_header Accept-Encoding ''; +proxy_buffering off; +proxy_ssl_server_name off; + +access_log off; +error_log logs/SteamCDN-error.log; \ No newline at end of file diff --git a/conf/Twitch.conf b/conf/Twitch.conf new file mode 100644 index 0000000..9c96306 --- /dev/null +++ b/conf/Twitch.conf @@ -0,0 +1,510 @@ +# Twitch Start +upstream twitch-tv { + server 151.101.2.167:443; + server 151.101.66.167:443; + server 151.101.130.167:443; + server 151.101.194.167:443; + server 151.101.230.167:443; + server twitch.map.fastly.net:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name twitch.tv; + server_name www.twitch.tv; + server_name m.twitch.tv; + server_name app.twitch.tv; + server_name clips.twitch.tv; + server_name gql.twitch.tv; + server_name dashboard.twitch.tv; + server_name player.twitch.tv; + server_name api.twitch.tv; + + include cert.conf; + + location / { + resolver public1.alidns.com valid=300; + set $twitch_tv twitch.map.fastly.net; + proxy_pass https://$twitch_tv:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name irc-ws.chat.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://5a895ed07aed1b254ee21cd78958ae0b.steam302.xyz:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name irc-ws-r.chat.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://065f67277ae87878fffaa60519b3ee5c.steam302.xyz:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name vod-storyboards.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=120; + set $vod_storyboards dlifex0fg7ru9.cloudfront.net; + proxy_pass https://$vod_storyboards:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name vod-metro.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=60; + set $vod_metro d8t045al7vai0.cloudfront.net; + proxy_pass https://$vod_metro:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name music.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=60; + set $music_twitch_tv d12b3e89c9703p.cloudfront.net; + proxy_pass https://$music_twitch_tv:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name player.m7g.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=60; + set $player_m7g_twitch dnjmu7cm5xw9w.cloudfront.net; + proxy_pass https://$player_m7g_twitch:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name badges.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://dbc180c27b3635f9e5b006f3a037b87e.steam302.xyz:443/; + include proxy.params; + } +} + +upstream d1x43om3304ey9-cloudfront-net { + server 13.225.103.12:443; + server 13.225.103.89:443; + server 13.225.103.105:443; + server 13.225.103.124:443; + server [2600:9000:2200:8a00:2:b70:2c40:93a1]:443; + server [2600:9000:2200:5000:2:b70:2c40:93a1]:443; + server [2600:9000:2200:b400:2:b70:2c40:93a1]:443; + server [2600:9000:2200:7600:2:b70:2c40:93a1]:443; + server [2600:9000:2200:2800:2:b70:2c40:93a1]:443; + server [2600:9000:2200:2400:2:b70:2c40:93a1]:443; + server [2600:9000:2200:2200:2:b70:2c40:93a1]:443; + server [2600:9000:2200:e600:2:b70:2c40:93a1]:443; + server d1x43om3304ey9.cloudfront.net:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name blog.twitch.tv; + + include cert.conf; + + location / { + resolver public1.alidns.com valid=300; + set $blog_twitch d1x43om3304ey9-cloudfront-net; + proxy_pass https://$blog_twitch:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name panels.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=60; + set $panels_twitch_tv d1ut6fykkt3imt.cloudfront.net; + proxy_pass https://$panels_twitch_tv:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name dev.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=60; + set $dev_twitch_tv d205b01qzi0xib.cloudfront.net; + proxy_pass https://$dev_twitch_tv:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name spade.twitch.tv; + + include cert.conf; + + location / { + resolver 223.5.5.5 valid=60; + set $spade_twitch_tv science-edge-external-prod-73889260.us-west-2.elb.amazonaws.com; + proxy_pass https://$spade_twitch_tv/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name vod-secure.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=60; + set $vod_secure_twitch_tv ds0h3roq6wcgc.cloudfront.net; + proxy_pass https://$vod_secure_twitch_tv/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name trowel.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=60; + set $trowel_twitch_tv science-edge-external-prod-73889260.us-west-2.elb.amazonaws.com; + proxy_pass https://$trowel_twitch_tv/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name extension-files.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=60; + set $extension_files_twitch d36mepituis1gg.cloudfront.net; + proxy_pass https://$extension_files_twitch:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name help.twitch.tv; + + include cert.conf; + + location / { + resolver 223.5.5.5 valid=60; + set $help_twitch_tv e26428.dscx.akamaiedge.net; + proxy_pass https://$help_twitch_tv:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name brand.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=60; + set $brand_twitch d2g064yykcu7rs.cloudfront.net; + proxy_pass https://$brand_twitch:443/; + include proxy.params; + } +} + +upstream passport-twitch-tv { + server 52.38.185.174:443; + server 34.208.37.185:443; + server 52.36.215.144:443; + server c3ad68a16f66bff24e2d82595bd240a1.steam302.xyz:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name passport.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://passport-twitch-tv/; + include proxy.params; + } +} + +upstream id-twitch-tv { + server 52.27.34.51:443; + server 52.27.193.97:443; + server 35.164.201.113:443; + server 35.82.117.112:443; + server 35.164.166.201:443; + server 52.32.64.194:443; + server 2973c6ca0e111662ed293b57dbae9fbf.steam302.xyz:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name id.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://id-twitch-tv/; + include proxy.params; + } +} + +upstream link-twitch-tv { + server 67.199.248.12:443; + server 67.199.248.13:443; + server 985a89155dd090eacda1b82388e334ed.steam302.xyz:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name link.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://link-twitch-tv/; + include proxy.params; + } +} + +upstream id--cdn-twitch-tv { + server 13.224.167.13:443; + server 13.224.167.21:443; + server 13.224.167.82:443; + server 13.224.167.126:443; + server 108.138.246.32:443; + server 108.138.246.23:443; + server 108.138.246.47:443; + server 108.138.246.101:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name id-cdn.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://id--cdn-twitch-tv/; + include proxy.params; + } +} + +upstream pubsub--edge-twitch-tv { + server 54.186.8.237:443; + server 100.20.215.79:443; + server 35.82.206.220:443; + server 54.69.59.28:443; + server 54.188.166.247:443; + server 34.213.206.213:443; + server 54.184.104.163:443; + server 34.213.26.113:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name pubsub-edge.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://pubsub--edge-twitch-tv/; + include proxy.params; + } +} + +upstream assets-help-twitch-tv { + server 13.225.103.75:443; + server 13.225.103.43:443; + server 13.225.103.12:443; + server 13.225.103.14:443; + server 54.192.18.40:443; + server 54.192.18.82:443; + server 54.192.18.83:443; + server 54.192.18.93:443; + server 6d859be7aa0440f65c8a940ef5218337.steam302.xyz:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name assets.help.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://assets-help-twitch-tv/; + include proxy.params; + } +} + +upstream discuss-dev-twitch-tv { + server 54.69.226.84:443; + server 522c432cc10e237a02fa1d6481d7d247.steam302.xyz:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name discuss.dev.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://discuss-dev-twitch-tv/; + include proxy.params; + } +} + +upstream ingest-twitch-tv { + server 192.108.239.253:443; + server 23.160.0.253:443; + server b3d696173d52b66e1caab6145cb5058b.steam302.xyz:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name ingest.twitch.tv; + + include cert.conf; + + location / { + proxy_pass https://ingest-twitch-tv/; + include proxy.params; + } +} + +upstream usher-ttvnw-net { + server 124.108.22.138:443; + server usher.steam302.xyz:443; + #server 192.108.239.254:443; + #server 23.160.0.254:443; +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name usher.ttvnw.net; + + include cert.conf; + + location / { + proxy_pass https://usher-ttvnw-net/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name cvp.twitch.tv; + + include cert.conf; + + location / { + resolver 223.5.5.5 valid=60; + set $cvp_twitch e9221.i.akamaiedge.net; + proxy_pass https://$cvp_twitch:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name clips-media-assets2.twitch.tv; + + include cert.conf; + + location / { + resolver 9.9.9.12 valid=60; + set $clips_media_twitch d2xmjdvx03ij56.cloudfront.net; + proxy_pass https://$clips_media_twitch:443/; + include proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name safety.twitch.tv; + + include cert.conf; + + location / { + resolver 223.5.5.5 valid=60; + set $safety_twitch e28790.dsca.akamaiedge.net; + proxy_pass https://$safety_twitch:443/; + include proxy.params; + } +} +# Twitch End \ No newline at end of file diff --git a/conf/Twitch.params b/conf/Twitch.params new file mode 100644 index 0000000..6d486df --- /dev/null +++ b/conf/Twitch.params @@ -0,0 +1,2 @@ +proxy_http_version 1.1; +include proxy.params; \ No newline at end of file diff --git a/conf/Twitter.conf b/conf/Twitter.conf new file mode 100644 index 0000000..9adf7fa --- /dev/null +++ b/conf/Twitter.conf @@ -0,0 +1,288 @@ +# twitter Start +upstream twitter-com { + #server 104.244.42.1:443; + #server 104.244.42.13:443; + #server 104.244.42.14:443; + #server 104.244.42.78:443; + #server 104.244.42.141:443; + #server 104.244.42.142:443; + #server 104.244.42.206:443; + #server 104.244.42.1:443; + #server 104.244.42.65:443; + #server 104.244.42.129:443; + #server 104.244.42.193:443; + server 104.244.45.65:443; + ##server 104.244.45.129:443; + server 104.244.45.193:443; + server 69.195.169.139:443; + server 69.195.170.139:443; + server 69.195.183.139:443; + server 69.195.171.251:443; + server 69.195.171.252:443; + keepalive 16; + keepalive_time 1h; + keepalive_timeout 300s; + keepalive_requests 10000; +} + +upstream mobile-twitter-com { + #server 104.244.42.6:443; + #server 104.244.42.70:443; + #server 104.244.42.134:443; + #server 104.244.42.198:443; + server 104.244.45.6:443; +} + +upstream support-twitter-com { + #server 104.244.42.3:443; + #server 104.244.42.67:443; + #server 104.244.42.131:443; + #server 104.244.42.195:443; + server 104.244.45.3:443; +} +upstream syndication-twitter-com { + server 104.244.45.8:443; +} + +upstream upload-twitter-com { + server 69.195.171.253:443; + server 104.244.45.11:443; +} + +upstream api-twitter-com { + #server 104.244.41.1:443; + #server 104.244.41.2:443; + #server 104.244.41.3:443; + #server 104.244.41.67:443; + #server 104.244.41.66:443; + #server 104.244.41.65:443; + #server 104.244.41.131:443; + #server 104.244.41.130:443; + #server 104.244.41.129:443; + #server 104.244.41.193:443; + #server 104.244.41.194:443; + #server 104.244.41.195:443; + #server 104.244.42.2:443; + #server 104.244.42.66:443; + #server 104.244.42.130:443; + #server 104.244.42.194:443; + server 104.244.45.2:443; + ##server 104.244.45.66:443; + ##server 104.244.45.130:443; + server 104.244.45.194:443; + keepalive 8; + keepalive_time 1h; + keepalive_timeout 600s; + keepalive_requests 10000; +} + +upstream ton-twitter-com { + server 104.244.42.20:443; + server 104.244.42.84:443; + server 104.244.42.148:443; + server 104.244.42.212:443; + server 104.244.45.8:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name twitter.com; + server_name x.com; + server_name *.x.com; + server_name *.twitter.com; + + include cert.conf; + location / { + proxy_pass https://twitter-com/; + include Twitter.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name platform.twitter.com; + server_name platform.x.com; + + include cert.conf; + location / { + resolver public1.alidns.com:53 valid=300; + set $platform_twitter platform.twitter.map.fastly.net; + proxy_pass https://$platform_twitter:443/; + include Twitter.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name upload.twitter.com; + server_name upload.x.com; + + include cert.conf; + location / { + proxy_pass https://upload-twitter-com/; + include Twitter.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name ton.twitter.com; + server_name ton.x.com; + + include cert.conf; + location / { + proxy_pass https://ton-twitter-com/; + include Twitter.params ; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name api.twitter.com; + server_name api.x.com; + + include cert.conf; + location / { + proxy_pass https://api-twitter-com/; + tcp_nodelay on; + proxy_set_header Cookie $http_cookie; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + include Twitter.params ; + } +} + +upstream twimg-com { + #server 104.244.42.201:443; + #server 104.244.43.131:443; + server 146.75.20.157:443; + server 146.75.20.158:443; + server 146.75.20.159:443; + server 146.75.20.160:443; + server 146.75.112.157:443; + server 146.75.112.158:443; + server 146.75.112.159:443; + server 146.75.112.160:443; + server 151.101.64.157:443; + server 151.101.64.158:443; + server 151.101.64.159:443; + server 151.101.64.160:443; + server 151.101.76.157:443; + server 151.101.76.158:443; + #server 151.101.76.159:443; + server 151.101.76.160:443; + server 151.101.88.157:443; + server 151.101.88.158:443; + server 151.101.88.159:443; + server 151.101.88.160:443; + #server 151.101.108.157:443; + server 151.101.108.158:443; + server 151.101.108.160:443; + server 151.101.112.157:443; + server 151.101.112.158:443; + server 151.101.112.159:443; + server 151.101.112.160:443; + server 151.101.128.157:443; + server 151.101.128.158:443; + server 151.101.128.159:443; + server 151.101.128.160:443; + server 151.101.192.157:443; + server 151.101.192.158:443; + server 151.101.192.159:443; + server 151.101.192.160:443; + server 199.232.208.157:443; + server 199.232.208.158:443; + server 199.232.208.159:443; + server 199.232.208.160:443; + server 199.232.212.157:443; + server 199.232.212.158:443; + server 199.232.212.159:443; + server 199.232.212.160:443; + server 199.232.232.157:443; + server 199.232.232.158:443; + server 199.232.232.159:443; + server 199.232.232.160:443; + keepalive 16; + keepalive_time 1h; + keepalive_timeout 120s; + keepalive_requests 1000; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name *.twimg.com; + + include cert.conf; + location / { + proxy_pass https://twimg-com/; + include Twitter.params; + keepalive_timeout 120; + } +} + +upstream video-twimg-com { + #server 117.18.232.102:443; + server 146.75.48.157:443; + server 146.75.48.158:443; + server 146.75.48.159:443; + server 146.75.48.160:443; + #server 151.101.108.157:443; + server 151.101.108.158:443; + server 151.101.108.160:443; + server 167.82.84.158:443; + server 192.229.232.217:443; + server 192.229.210.163:443; + server 199.232.44.157:443; + server 199.232.100.159:443; + server 199.232.104.160:443; + server 199.232.236.158:443; + server [2a04:4e42:1a::157]:443; + server [2a04:4e42:1a::158]:443; + server [2a04:4e42:1a::159]:443; + server [2a04:4e42:1a::160]:443; + server [2606:2800:247:22e4:1f0b:18b4:207d:15b0]:443; + server [2606:2800:21f:dc2:1fe1:23fc:954:1461]:443; +} + +upstream t-co { + #server 104.244.45.150:443; + server 104.244.45.5:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name t.co; + + include cert.conf; + location / { + proxy_pass https://t-co/; + include Twitter.params; + } +} + +upstream jf-x-com { + server 35.155.77.250:443; + server 52.33.255.168:443; + server 44.240.80.13:443; + server 35.160.104.26:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name jf.x.com; + + include cert.conf; + location / { + proxy_pass https://jf-x-com/; + include Twitter.params; + } +} +# twitter End \ No newline at end of file diff --git a/conf/Twitter.params b/conf/Twitter.params new file mode 100644 index 0000000..9092613 --- /dev/null +++ b/conf/Twitter.params @@ -0,0 +1,8 @@ +access_log logs/Twitter-access.log main buffer=4k; +error_log logs/Twitter-error.log; +proxy_headers_hash_max_size 8192; +proxy_buffer_size 128k; +proxy_buffers 4 256k; +proxy_busy_buffers_size 256k; +proxy_connect_timeout 2; +include proxy.params; \ No newline at end of file diff --git a/conf/WallHaven.conf b/conf/WallHaven.conf new file mode 100644 index 0000000..91914f2 --- /dev/null +++ b/conf/WallHaven.conf @@ -0,0 +1,33 @@ +# WallHaven Start + + +upstream WallHaven-cc { + server 15.235.80.145:443; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name wallhaven.cc; + server_name w.wallhaven.cc; + server_name www.wallhaven.cc; + server_name th.wallhaven.cc; + server_name static.wallhaven.cc; + server_name alpha.wallhaven.cc; + + include cert.conf; + client_max_body_size 50M; + + location / { + proxy_max_temp_file_size 0; + proxy_pass https://15.235.80.145/; + proxy_buffer_size 64k; + proxy_buffers 32 64k; + proxy_busy_buffers_size 128k; + #proxy_set_header X-Host $host; + #proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + #proxy_set_header X-Real_IP $remote_addr; + include proxy.params; + } +} +# WallHaven End \ No newline at end of file diff --git a/conf/cert.conf b/conf/cert.conf new file mode 100644 index 0000000..bb8fb16 --- /dev/null +++ b/conf/cert.conf @@ -0,0 +1,2 @@ +ssl_certificate ca/pixiv.net.crt; +ssl_certificate_key ca/pixiv.net.key; \ No newline at end of file diff --git a/conf/fastcgi.conf b/conf/fastcgi.conf index 091738c..0582e00 100644 --- a/conf/fastcgi.conf +++ b/conf/fastcgi.conf @@ -1,26 +1,26 @@ - -fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; -fastcgi_param QUERY_STRING $query_string; -fastcgi_param REQUEST_METHOD $request_method; -fastcgi_param CONTENT_TYPE $content_type; -fastcgi_param CONTENT_LENGTH $content_length; - -fastcgi_param SCRIPT_NAME $fastcgi_script_name; -fastcgi_param REQUEST_URI $request_uri; -fastcgi_param DOCUMENT_URI $document_uri; -fastcgi_param DOCUMENT_ROOT $document_root; -fastcgi_param SERVER_PROTOCOL $server_protocol; -fastcgi_param REQUEST_SCHEME $scheme; -fastcgi_param HTTPS $https if_not_empty; - -fastcgi_param GATEWAY_INTERFACE CGI/1.1; -fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; - -fastcgi_param REMOTE_ADDR $remote_addr; -fastcgi_param REMOTE_PORT $remote_port; -fastcgi_param SERVER_ADDR $server_addr; -fastcgi_param SERVER_PORT $server_port; -fastcgi_param SERVER_NAME $server_name; - -# PHP only, required if PHP was built with --enable-force-cgi-redirect -fastcgi_param REDIRECT_STATUS 200; + +fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; diff --git a/conf/fastcgi_params b/conf/fastcgi_params index 28decb9..091738c 100644 --- a/conf/fastcgi_params +++ b/conf/fastcgi_params @@ -1,4 +1,5 @@ +fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param QUERY_STRING $query_string; fastcgi_param REQUEST_METHOD $request_method; fastcgi_param CONTENT_TYPE $content_type; diff --git a/conf/instagram.conf b/conf/instagram.conf new file mode 100644 index 0000000..6187b61 --- /dev/null +++ b/conf/instagram.conf @@ -0,0 +1,95 @@ +#upstream instagram-com { +# server [2a03:2880:f25e:1e4:face:b00c:0:4420]:443; +#} +upstream list-cdn-ins { + #故障,弃用 server [2a03:2880:f25a:cc:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#香港hkt1 + #故障,弃用 server [2a03:2880:f25a:1c2:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#香港hkt2 + server [2a03:2880:f25e:1e4:face:b00c:0:4420]:443 max_fails=10 fail_timeout=60s;#不明香港服务器但可用 + server [2a03:2880:f215:c3:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#香港hkg1-1 + server [2a03:2880:f215:1d2:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#香港hkg1-2 + server [2a03:2880:f25e:ca:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#香港hkg4-1 + server [2a03:2880:f25e:1ca:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#香港hkg4-2 + #故障,弃用 server [2a03:2880:f20f:c4:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#日本nrt1 + #故障,弃用 server [2a03:2880:f20f:1d0:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#日本nrt2 + server [2a03:2880:f24e:cb:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#日本itm1 + server [2a03:2880:f20c:c4:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#新加坡sin6-1 + server [2a03:2880:f20c:2c4:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#新加坡sin6-2 + server [2a03:2880:f20c:1ca:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#新加坡sin6-3 + server [2a03:2880:f20c:3c2:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#新加坡sin6-4 + server [2a03:2880:f25c:cc:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#新加坡XSP1-1 + server [2a03:2880:f25c:1cc:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#新加坡XSP1-2 + server [2a03:2880:f25c:2c7:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#新加坡XSP1-3 + server [2a03:2880:f286:c9:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#新加坡XSP2-1 + #故障,弃用 server [2a03:2880:f24a:ca:face:b00c:0:43fe]:443 max_fails=10 fail_timeout=60s;#韩国GMP + keepalive 16; + keepalive_time 1h; + keepalive_timeout 300s; + keepalive_requests 10000; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name edge-chat.instagram.com; + + access_log logs/Instagram-access.log main buffer=4k; + error_log logs/Instagram-error.log; + + include cert.conf; + location / { + proxy_pass https://list-cdn-ins/; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include Proxy.params; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name gateway.instagram.com; + + access_log logs/Instagram-access.log main buffer=4k; + error_log logs/Instagram-error.log; + + include cert.conf; + location / { + proxy_pass https://[2a03:2880:f05e:115:face:b00c:0:6206]:443/; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + include Proxy.params; + } +} +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name *.cdninstagram.com; + + server_name ig.me; + server_name *.ig.me; + server_name instagr.am; + server_name *.instagr.am; + server_name Instagram.com; + server_name *.Instagram.com; + + access_log logs/Instagram-access.log main buffer=4k; + error_log logs/Instagram-error.log; + + include cert.conf; + location / { + proxy_pass https://list-cdn-ins/; + include proxy.params; + + proxy_set_header Connection ""; + proxy_buffer_size 128k; + proxy_buffers 16 32k; + proxy_busy_buffers_size 128k; + + proxy_next_upstream error timeout http_429 http_500 http_502 http_503 http_504 non_idempotent; + proxy_connect_timeout 2; + proxy_next_upstream_timeout 60; + proxy_send_timeout 5; + proxy_read_timeout 5; + keepalive_timeout 120; + } +} \ No newline at end of file diff --git a/conf/iwaras.conf b/conf/iwaras.conf new file mode 100644 index 0000000..6069071 --- /dev/null +++ b/conf/iwaras.conf @@ -0,0 +1,12 @@ +access_log logs/iwara-access.gzip main gzip=4 buffer=4k; +error_log logs/iwara-error.log; + +proxy_next_upstream_timeout 12; +proxy_connect_timeout 3; +proxy_send_timeout 3; +proxy_read_timeout 3; + +proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +proxy_set_header X-Real_IP $remote_addr; +include proxy.params; +proxy_ssl_name $http_host; diff --git a/conf/mime.types b/conf/mime.types index 8a2348a..4321314 100644 --- a/conf/mime.types +++ b/conf/mime.types @@ -15,6 +15,8 @@ types { text/vnd.wap.wml wml; text/x-component htc; + image/avif avif; + image/bmp bmp; image/png png; image/svg+xml svg svgz; image/tiff tif tiff; @@ -22,9 +24,10 @@ types { image/webp webp; image/x-icon ico; image/x-jng jng; - image/x-ms-bmp bmp; - application/font-woff woff; + font/woff woff; + font/woff2 woff2; + application/java-archive jar war ear; application/json json; application/mac-binhex40 hqx; @@ -33,6 +36,7 @@ types { application/postscript ps eps ai; application/rtf rtf; application/vnd.apple.mpegurl m3u8; + application/vnd.debian.binary-package deb udeb; application/vnd.google-earth.kml+xml kml; application/vnd.google-earth.kmz kmz; application/vnd.ms-excel xls; @@ -48,7 +52,9 @@ types { xlsx; application/vnd.openxmlformats-officedocument.wordprocessingml.document docx; + application/vnd.rar rar; application/vnd.wap.wmlc wmlc; + application/wasm wasm; application/x-7z-compressed 7z; application/x-cocoa cco; application/x-java-archive-diff jardiff; @@ -56,7 +62,6 @@ types { application/x-makeself run; application/x-perl pl pm; application/x-pilot prc pdb; - application/x-rar-compressed rar; application/x-redhat-package-manager rpm; application/x-sea sea; application/x-shockwave-flash swf; @@ -69,7 +74,6 @@ types { application/zip zip; application/octet-stream bin exe dll; - application/octet-stream deb; application/octet-stream dmg; application/octet-stream iso img; application/octet-stream msi msp msm; diff --git a/conf/nginx.conf b/conf/nginx.conf index be56c06..8179ca5 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,36 +1,57 @@ #user nobody; -worker_processes 1; +#worker_cpu_affinity auto; +worker_processes 6; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; -#pid logs/nginx.pid; events { - worker_connections 1024; + #use icop; + #multi_accept on; + worker_connections 32767; } - http { - include mime.types; - default_type application/octet-stream; + resolver 223.5.5.5; + resolver_timeout 5s; + #include mime.types; + #default_type application/octet-stream; + ssl_protocols TLSv1.2 TLSv1.3 TLSv1 TLSv1.1 SSLv2 SSLv3; + #ssl_ciphers "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"; + log_format main '[$time_local]- 客户端地址:"$remote_addr" 请求耗时"$request_time" 域名:$http_host 监听地址:$server_addr 监听端口:$server_port $server_protocol\n 上游状态"$upstream_status" 上游地址:"$upstream_addr" $status 总字节数$body_bytes_sent\n "$http_referer" "$http_x_forwarded_for" \n    "$request"\n';# "$http_user_agent" + access_log logs/access.log main buffer=4k; + open_log_file_cache max=1000 inactive=1m valid=1m min_uses=1; + fastcgi_buffers 16 128k; - #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - # '$status $body_bytes_sent "$http_referer" ' - # '"$http_user_agent" "$http_x_forwarded_for"'; - - #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; - keepalive_timeout 65; - client_max_body_size 100m; + + keepalive_timeout 120; + keepalive_requests 30000; + client_max_body_size 200m; server_names_hash_max_size 512; server_names_hash_bucket_size 1024; + gzip on; + include Pixiv.conf; + include E-hentai.conf; + include Steam.conf; + #include DLsite.conf; + include Instagram.conf; + #include iwara.conf;#根据使用情况自行替换iwara.conf和iwara2.conf + include Reddit.conf; + include Discord.conf; + include Twitter.conf; + include Twitch.conf; + include WallHaven.conf; + #include Patreon.conf; + include PayPal.conf; + include nhentai.conf; + include WebUI.conf; + #include ShortLink.conf; + include GoogleVideo.conf; - #gzip on; - - include pixiv.conf; -} +} \ No newline at end of file diff --git a/conf/proxy.params b/conf/proxy.params new file mode 100644 index 0000000..0b3b571 --- /dev/null +++ b/conf/proxy.params @@ -0,0 +1,8 @@ +proxy_http_version 1.1; +proxy_set_header Host $http_host; +proxy_set_header User-Agent $http_user_agent; +proxy_set_header Accept-Encoding ''; +proxy_buffering off; +proxy_ssl_server_name on; +#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +#proxy_set_header X-Real_IP $remote_addr; \ No newline at end of file