Merge remote-tracking branch 'origin/master'

This commit is contained in:
Martin Mahner 2016-03-23 14:15:34 +01:00
commit f92e447adc
2 changed files with 31 additions and 14 deletions

View file

@ -44,7 +44,7 @@ The format of the API response. Choices are:
{
"url": "https://dpaste.de/xsWd",
"lexer": "python",
"conent": "The text body of the snippet."
"content": "The text body of the snippet."
}
@ -73,7 +73,7 @@ highlighting). A given ``lexer`` will overwrite any filename! Example::
"url": "https://dpaste.de/xsWd",
"lexer": "",
"filename": "python",
"conent": "The text body of the snippet."
"content": "The text body of the snippet."
}
This will create a ``python`` highlighted snippet. However in this example::
@ -82,7 +82,7 @@ This will create a ``python`` highlighted snippet. However in this example::
"url": "https://dpaste.de/xsWd",
"lexer": "php",
"filename": "python",
"conent": "The text body of the snippet."
"content": "The text body of the snippet."
}
Since the lexer is set too, we will create a ``php`` highlighted snippet.

View file

@ -14,7 +14,6 @@ log_format combined_port '$remote_addr - $remote_user [$time_local] '
# -----------------------------------------------------------------------------
server {
listen 80;
listen [::]:80;
server_name dpaste.de
www.dpaste.de
@ -24,6 +23,11 @@ server {
location / {
rewrite ^ https://$server_name$request_uri? permanent;
}
location /.well-known/acme-challenge/ {
alias /var/www/challenges/;
try_files $uri =404;
}
}
# -----------------------------------------------------------------------------
@ -32,12 +36,21 @@ server {
server {
listen 443 ssl spdy;
listen [::]:443 ssl spdy;
server_name dpaste.org www.dpaste.org;
ssl_certificate /srv/dpaste.de/var/ssl/dpaste_org_unified.crt;
ssl_certificate_key /srv/dpaste.de/var/ssl/dpaste_org.key;
ssl on;
ssl_certificate /srv/dpaste.de/etc/ssl/dpaste_org_chained.pem;
ssl_certificate_key /srv/dpaste.de/etc/ssl/dpaste_org.key;
ssl_dhparam /etc/ssl/dhparam.pem;
# SSL modern config for modern browsers Pete told me
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK';
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security max-age=25200;
# Redirect to dpaste.de
@ -48,16 +61,20 @@ server {
server {
listen 443 ssl spdy;
listen [::]:443 ssl spdy;
server_name dpaste.de www.dpaste.de;
ssl_certificate /srv/dpaste.de/var/ssl_2015/ssl-unified.crt;
ssl_certificate_key /srv/dpaste.de/var/ssl_2015/ssl.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AES256+EECDH:AES256+EDH;
ssl_session_cache builtin:1000 shared:SSL:5m;
ssl on;
ssl_certificate /srv/dpaste.de/etc/ssl/dpaste_de_chained.pem;
ssl_certificate_key /srv/dpaste.de/etc/ssl/dpaste_de.key;
ssl_dhparam /etc/ssl/dhparam.pem;
# SSL modern config for modern browsers Pete told me
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK';
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security max-age=25200;
@ -70,7 +87,7 @@ server {
error_log /srv/dpaste.de/var/nginx.error.log;
keepalive_timeout 5;
client_max_body_size 2M;
client_max_body_size 10M;
location ~ /(favicon.ico|robots.txt) {
access_log off;