diff --git a/www/README.md b/www/README.md
new file mode 100644
index 0000000..1bc8902
--- /dev/null
+++ b/www/README.md
@@ -0,0 +1,21 @@
+# Git 仓库
+
+## Nginx 配置
+
+下载配置
+
+```bash
+curl -fsSL https://git.sugarscat.cn/me/bash/-/raw/main/www/nginx.conf > /etc/nginx/nginx.conf
+```
+
+测试配置
+
+```bash
+nginx -t
+```
+
+重启 nginx
+
+```bash
+systemctl restart nginx
+```
\ No newline at end of file
diff --git a/www/default/README.md b/www/default/README.md
new file mode 100644
index 0000000..854a105
--- /dev/null
+++ b/www/default/README.md
@@ -0,0 +1,27 @@
+# Git 仓库
+
+## Nginx 配置
+
+下载配置
+
+```bash
+curl -fsSL https://git.sugarscat.cn/me/bash/-/raw/main/www/default/nginx.conf > /etc/nginx/sites-available/default
+```
+
+启用配置
+
+```bash
+ln -s /etc/nginx/sites-available/default /etc/nginx/sites-enabled/default
+```
+
+测试配置
+
+```bash
+nginx -t
+```
+
+重启 nginx
+
+```bash
+systemctl restart nginx
+```
\ No newline at end of file
diff --git a/www/default/nginx.conf b/www/default/nginx.conf
new file mode 100644
index 0000000..bb23827
--- /dev/null
+++ b/www/default/nginx.conf
@@ -0,0 +1,92 @@
+##
+# You should look at the following URL's in order to grasp a solid understanding
+# of Nginx configuration files in order to fully unleash the power of Nginx.
+# https://www.nginx.com/resources/wiki/start/
+# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
+# https://wiki.debian.org/Nginx/DirectoryStructure
+#
+# In most cases, administrators will remove this file from sites-enabled/ and
+# leave it as reference inside of sites-available where it will continue to be
+# updated by the nginx packaging team.
+#
+# This file will automatically load configuration files provided by other
+# applications, such as Drupal or Wordpress. These applications will be made
+# available underneath a path with that package name, such as /drupal8.
+#
+# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
+##
+
+# Default server configuration
+#
+server {
+    listen 80 default_server;
+    listen [::]:80 default_server;
+
+    # SSL configuration
+    #
+    listen 443 ssl default_server;
+    listen [::]:443 ssl default_server;
+
+    #
+    # Note: You should disable gzip for SSL traffic.
+    # See: https://bugs.debian.org/773332
+    #
+    # Read up on ssl_ciphers to ensure a secure configuration.
+    # See: https://bugs.debian.org/765782
+    #
+    # Self signed certs generated by the ssl-cert package
+    # Don't use them in a production server!
+    #
+    # include snippets/snakeoil.conf;
+
+    root /var/www/html;
+
+    # Add index.php to the list if you are using PHP
+    index index.html index.htm index.nginx-debian.html;
+
+    server_name _;
+
+    location / {
+        # First attempt to serve request as file, then
+        # as directory, then fall back to displaying a 404.
+        return 403;
+    }
+
+    # pass PHP scripts to FastCGI server
+    #
+    #location ~ \.php$ {
+    #	include snippets/fastcgi-php.conf;
+    #
+    #	# With php-fpm (or other unix sockets):
+    #	fastcgi_pass unix:/run/php/php7.4-fpm.sock;
+    #	# With php-cgi (or other tcp sockets):
+    #	fastcgi_pass 127.0.0.1:9000;
+    #}
+
+    # deny access to .htaccess files, if Apache's document root
+    # concurs with nginx's one
+    #
+    #location ~ /\.ht {
+    #	deny all;
+    #}
+}
+
+
+# Virtual Host configuration for example.com
+#
+# You can move that to a different file under sites-available/ and symlink that
+# to sites-enabled/ to enable it.
+#
+#server {
+#	listen 80;
+#	listen [::]:80;
+#
+#	server_name example.com;
+#
+#	root /var/www/example.com;
+#	index index.html;
+#
+#	location / {
+#		try_files $uri $uri/ =404;
+#	}
+#}
diff --git a/www/nginx.conf b/www/nginx.conf
new file mode 100644
index 0000000..3566495
--- /dev/null
+++ b/www/nginx.conf
@@ -0,0 +1,90 @@
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+include /etc/nginx/modules-enabled/*.conf;
+
+events {
+    worker_connections 1024;
+    # multi_accept on;
+}
+
+http {
+
+    ##
+    # Basic Settings
+    ##
+
+    sendfile on;
+    tcp_nopush on;
+    types_hash_max_size 2048;
+    # server_tokens off;
+
+    # server_names_hash_bucket_size 64;
+    # server_name_in_redirect off;
+
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+
+    server_names_hash_bucket_size 512;
+    client_header_buffer_size 32k;
+    client_max_body_size 50m;
+    keepalive_timeout 60;
+    keepalive_requests 100000;
+
+    ##
+    # SSL Settings
+    ##
+
+    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
+    ssl_prefer_server_ciphers on;
+
+    ##
+    # Logging Settings
+    ##
+
+    access_log /var/log/nginx/access.log;
+    error_log /var/log/nginx/error.log;
+
+    ##
+    # Gzip Settings
+    ##
+
+    gzip on;
+    gzip_min_length  1k;
+    gzip_buffers     4 16k;
+    gzip_http_version 1.1;
+    gzip_comp_level 2;
+    gzip_types     text/plain application/javascript application/x-javascript text/javascript text/css application/xml;
+    gzip_vary on;
+    gzip_proxied   expired no-cache no-store private auth;
+    gzip_disable   "MSIE [1-6]\.";
+
+    ##
+    # Virtual Host Configs
+    ##
+
+    include /etc/nginx/conf.d/*.conf;
+    include /etc/nginx/sites-enabled/*;
+}
+
+
+#mail {
+#	# See sample authentication script at:
+#	# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
+#
+#	# auth_http localhost/auth.php;
+#	# pop3_capabilities "TOP" "USER";
+#	# imap_capabilities "IMAP4rev1" "UIDPLUS";
+#
+#	server {
+#		listen     localhost:110;
+#		protocol   pop3;
+#		proxy      on;
+#	}
+#
+#	server {
+#		listen     localhost:143;
+#		protocol   imap;
+#		proxy      on;
+#	}
+#}