feat(init): 添加阿里云源初始化脚本

- 新增 linux-ali.sh 脚本 - 更新 README.md，添加阿里云源初始化说明 - 重命名 nginx 配置示例，从 git.sugarscat.cn 改为 example - 更新 nginx 配置示例的 README.md
2025-05-14 22:27:26 +08:00
parent 03702ac74b
commit bc2f167198
7 changed files with 188 additions and 85 deletions
--- a/nginx/example/README.md
+++ b/nginx/example/README.md
@@ -0,0 +1,33 @@
+# Example
+
+## Nginx 配置
+
+下载配置
+
+```bash
+curl -fsSL https://git.sugarscat.cn/me/script/-/raw/main/nginx/example/nginx.conf > /etc/nginx/sites-available/example.com
+```
+
+启用配置
+
+```bash
+ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
+```
+
+修改配置
+
+```bash
+vim /etc/nginx/sites-available/example.com
+```
+
+测试配置
+
+```bash
+nginx -t
+```
+
+重启 nginx
+
+```bash
+systemctl restart nginx
+```
--- a/nginx/example/nginx.conf
+++ b/nginx/example/nginx.conf
@@ -0,0 +1,49 @@
+server {
+    listen 80 ;
+    # listen 443 ssl http2 ;
+    server_name example.com;
+
+    index index.php index.html index.htm default.php default.htm default.html;
+    proxy_set_header Host $host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Host $server_name;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+
+    # 重定向
+#     if ($scheme = http) {
+#         return 301 https://$host$request_uri;
+#     }
+
+    # ssl 设置
+#     ssl_certificate /etc/nginx/ssl/fullchain.crt;
+#     ssl_certificate_key /etc/nginx/ssl/privkey.key;
+
+    ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1;
+    ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
+    ssl_prefer_server_ciphers on;
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_timeout 10m;
+    add_header Strict-Transport-Security "max-age=31536000";
+    error_page 497 https://$host$request_uri;
+    proxy_set_header X-Forwarded-Proto https;
+    ssl_stapling on;
+    ssl_stapling_verify on;
+
+#     location ^~ / {
+#         proxy_pass https://127.0.0.1:8080;
+#         proxy_set_header Host $host;
+#         proxy_set_header X-Real-IP $remote_addr;
+#         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+#         proxy_set_header REMOTE-HOST $remote_addr;
+#         proxy_set_header Upgrade $http_upgrade;
+#         proxy_set_header Connection "upgrade";
+#         proxy_set_header X-Forwarded-Proto $scheme;
+#         proxy_http_version 1.1;
+#         add_header X-Cache $upstream_cache_status;
+#         add_header Strict-Transport-Security "max-age=31536000";
+#         add_header Cache-Control no-cache;
+#     }
+}
--- a/nginx/git.sugarscat.cn/README.md
+++ b/nginx/git.sugarscat.cn/README.md
@@ -1,29 +0,0 @@
-# git.sugarscat.cn
-
-## Nginx 配置
-
-> 该配置需要在 `/etc/nginx/ssl/` 目录下创建 `fullchain.crt` 和 `privkey.key` 证书文件。
-
-下载配置
-
-```bash
-curl -fsSL https://git.sugarscat.cn/me/script/-/raw/main/nginx/git.sugarscat.cn/nginx.conf > /etc/nginx/sites-available/git.sugarscat.cn
-```
-
-启用配置
-
-```bash
-ln -s /etc/nginx/sites-available/git.sugarscat.cn /etc/nginx/sites-enabled/
-```
-
-测试配置
-
-```bash
-nginx -t
-```
-
-重启 nginx
-
-```bash
-systemctl restart nginx
-```
--- a/nginx/git.sugarscat.cn/nginx.conf
+++ b/nginx/git.sugarscat.cn/nginx.conf
@@ -1,51 +0,0 @@
-server {
-    listen 80 ;
-    listen 443 ssl http2 ;
-    server_name git.sugarscat.cn;
-    index index.php index.html index.htm default.php default.htm default.html;
-    proxy_set_header Host $host;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-    proxy_set_header X-Forwarded-Host $server_name;
-    proxy_set_header X-Real-IP $remote_addr;
-    proxy_http_version 1.1;
-    proxy_set_header Upgrade $http_upgrade;
-    proxy_set_header Connection "upgrade";
-    # acme.sh
-    location ^~ /.well-known/acme-challenge {
-        allow all;
-        root /var/www/html;
-    }
-    # 重定向
-    if ($scheme = http) {
-        return 301 https://$host$request_uri;
-    }
-    # ssl 设置
-    ssl_certificate /etc/nginx/ssl/fullchain.crt;
-    ssl_certificate_key /etc/nginx/ssl/privkey.key;
-
-    ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1;
-    ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
-    ssl_prefer_server_ciphers on;
-    ssl_session_cache shared:SSL:10m;
-    ssl_session_timeout 10m;
-    add_header Strict-Transport-Security "max-age=31536000";
-    error_page 497 https://$host$request_uri;
-    proxy_set_header X-Forwarded-Proto https;
-    ssl_stapling on;
-    ssl_stapling_verify on;
-
-    location ^~ / {
-        proxy_pass https://127.0.0.1:8080;
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header REMOTE-HOST $remote_addr;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection "upgrade";
-        proxy_set_header X-Forwarded-Proto $scheme;
-        proxy_http_version 1.1;
-        add_header X-Cache $upstream_cache_status;
-        add_header Strict-Transport-Security "max-age=31536000";
-        add_header Cache-Control no-cache;
-    }
-}
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@@ -50,14 +50,14 @@ http {
    ##

    gzip on;
-    gzip_min_length  1k;
-    gzip_buffers     4 16k;
+    gzip_min_length 1k;
+    gzip_buffers 4 16k;
    gzip_http_version 1.1;
    gzip_comp_level 2;
-    gzip_types     text/plain application/javascript application/x-javascript text/javascript text/css application/xml;
+    gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml;
    gzip_vary on;
-    gzip_proxied   expired no-cache no-store private auth;
-    gzip_disable   "MSIE [1-6]\.";
+    gzip_proxied expired no-cache no-store private auth;
+    gzip_disable "MSIE [1-6]\.";

    ##
    # Virtual Host Configs