fastgitorg / nginx-conf Goto Github PK

View Code? Open in Web Editor NEW

106.0 10.0 35.0 120 KB

⚙️ Nginx conf of FastGit, core part of fastgit web booster module

License: Other

Markdown 15.17% Shell 84.83%

nginx nginx-proxy github fastgit proxy booster

nginx-conf's People

Contributors

Stargazers

Watchers

nginx-conf's Issues

[PR 前征询意见] 采用诸如 `nginx-ultimate-bad-bot-blocker` 之类的项目替代现有的反击 bot 配置

如题，现在的反黑 bot 配置是这样的：

    # Block search engine
    # if ($http_user_agent ~* "qihoobot|Baiduspider|Bingbot|Googlebot|Googlebot-Mobile|Googlebot-Image|Mediapartners-Google|Adsbot-Google|Feedfetcher-Google|Yahoo! Slurp|Yahoo! Slurp China|YoudaoBot|Sosospider|Sogou spider|Sogou web spider|MSNBot|ia_archiver|Tomato Bot")
    # {
    #     return 403;
    # }

    # Anti Agent Bot DDoS
    # If behind CDN, use folloing commented code
    # if ($http_x_forwarded_for != $remote_addr) {
    #     return 503;
    # }
    if ($proxy_add_x_forwarded_for != $remote_addr) {
        return 503;
    }

——我很欣赏这种土方法，真的（抹眼泪

之所以先发 Issue 来征询意见是因为我使用 nginx-ultimate-bad-bot-blocker 的经验也不是很长，本着负责任的态度，问问看其他人对这个或其他类似项目是怎么看的
我个人网站是无所谓怎么误伤国内访客/爬虫的，但对贵项目来说这个项目却不一定适合，有意向做些考察的话，请参考：https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker

Add raw.fastgit.org

Same to the title. Raw has its own rules which different to hub. It needs more rules to anti abuse.

Bug: 2FA Authentication failed

remote: Invalid username or password.
fatal: Authentication failed for 'https://[email protected]/eurydyce/MDANSE.git/'

[Feature] Gist & GistRaw support required

Release download redirect not supported

[Bug] GitHub.com Release download redirect

The same as the title. :<

[特性] 增加 HTTPS 脚本自动下载

nginx-conf/install-debian10.sh

Lines 84 to 93 in aea1df4

 # TODO: Put Cert 

 mkdir -p /var/www/cert/ 

 echo "Please put cert(fg.pem) and key(fg.key) to /var/www/cert/" 

 echo "Then reload nginx." 

 echo "Thank you! :D" 

 # nginx -t 

 # systemctl start nginx 

 # systemctl reload nginx

增加可用代码检阅配置。可用代码也许为：

pemUrl = 
keyUrl = 
...
if [ -n $pemUrl -a -n $keyUrl]; then
    curl $pemUri > /var/www/cert/fg.pem
    curl $keyUrl > /var/www/cert/fg.key
    systemctl start nginx 
    systemctl reload nginx 
else
    echo "Please put cert(fg.pem) and key(fg.key) to /var/www/cert/" 
    echo "Then reload nginx." 
    echo "Thank you! :D" 
fi

本代码并没有进行任何检测！

希望能对CORS跨域进行支持

现在有个软件通过ajax下载插件，是通过github的/releases/download/来安装的。
由于fastgit的header中没有跨域的相关配置，所以无法在应用中下载到数据。
这里不管是直接使用https://download.fastgit.org/xxx/xxx/releases/download/xxx/xxx.json
还是https://hub.fastgit.org/xxx/xxx/releases/download/xxx/xxx.json
都无法在跨域的情况下访问。

建议添加类似的信息在header里面：

    add_header Access-Control-Allow-Origin *;
    add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
    add_header Access-Control-Allow-Headers 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';

codeload doesn't work

https://codeload.github.com/A/A/legacy.zip/refs/tags/$ will not work.

nginx-conf/archive.fastgit.org.conf

Line 48 in 6c875c5

location ~ ^/[^/]+/[^/]+/archive/ {

we should add a codeload proxy

[功能请求]增加对部分githubusercontent.com域名的代理

issue中插入的图片，域名是user-images.githubusercontent.com
很多项目中md文件中的图片域名是 camo.githubusercontent.com

是否有对 releases api 的支持

https://docs.github.com/en/rest/reference/repos#releases

改写assets 中的 browser_download_url 到使用 download.fastgit.org 域

fatal: The remote end hung up unexpectedly； fatal: early EOF； fatal: index-pack failed

环境：CentOS Linux release 7.6.1810 (Core)
git版本：1.8.3.1
克隆仓库：https://github.com/EpicGames/UnrealEngine.git
代理方式：git config --global url."https://hub.fastgit.org".insteadOf https://github.com 或者 fgit
gitconfig:

[http]
        lowSpeedLimit = 0
        lowSpeedTime = 999999
        postBuffer = 1048576000
[core]
        compression = -1
[url "https://hub.fastgit.org"]
        insteadOf = https://github.com

报错：

...
...
...
...
* Couldn't find host hub.fastgit.org in the .netrc file; using defaults
* About to connect() to hub.fastgit.org port 443 (#2)
*   Trying 101.32.191.80...
* Connected to hub.fastgit.org (101.32.191.80) port 443 (#2)
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* Server certificate:
*       subject: CN=*.fastgit.org
*       start date: May 01 14:23:06 2020 GMT
*       expire date: May 02 14:23:06 2021 GMT
*       common name: *.fastgit.org
*       issuer: CN=AlphaSSL CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE
* Server auth using Basic with user 'xxxxxxxxxxxx'
> POST /EpicGames/UnrealEngine.git/git-upload-pack HTTP/1.1
Authorization: Basic xxxxxxxxxxxx
User-Agent: git/1.8.3.1
Host: hub.fastgit.org
Accept-Encoding: gzip
Content-Type: application/x-git-upload-pack-request
Accept: application/x-git-upload-pack-result
Content-Encoding: gzip
Content-Length: 6581

* upload completely sent off: 6581 out of 6581 bytes
< HTTP/1.1 200 OK
< Server: nginx
< Date: Sun, 24 Jan 2021 12:16:29 GMT
< Content-Type: application/x-git-upload-pack-result
< Transfer-Encoding: chunked
< Connection: keep-alive
< expires: Fri, 01 Jan 1980 00:00:00 GMT
< pragma: no-cache
< Cache-Control: no-cache, max-age=0, must-revalidate
< Vary: Accept-Encoding
< X-Frame-Options: DENY
< X-GitHub-Request-Id: xxxxxxxxxxxxxxxxxxxxxxxxxxxx
< x-pjax-url: https://hub.fastgit.org/EpicGames/UnrealEngine.git/git-upload-pack
< X-FastGit-Node: tc-hk-2
< 
packet:   fetch-pack< NAK
packet:   fetch-pack> 0000
packet:   fetch-pack< \2Enumerating objects: 3101936\15
packet:   fetch-pack< \2Enumerating objects: 1, done.
remote: Enumerating objects: 1, done.
packet:   fetch-pack< \2Counting objects: 100% (1/1)\15Counting objects: 100% (1/1), done.
remote: Counting objects: 100% (1/1), done.
trace: run_command: 'index-pack' '--stdin' '-v' '--fix-thin' '--keep=fetch-pack 17086 on <ip>' '--pack_header=2,3101937'
trace: exec: 'git' 'index-pack' '--stdin' '-v' '--fix-thin' '--keep=fetch-pack 17086 on <ip>' '--pack_header=2,3101937'
trace: built-in: git 'index-pack' '--stdin' '-v' '--fix-thin' '--keep=fetch-pack 17086 on <ip>' '--pack_header=2,3101937'
* transfer closed with outstanding read data remaining.35 MiB/s      
* Closing connection 2
error: RPC failed; result=18, HTTP code = 200
fatal: The remote end hung up unexpectedly
fatal: early EOF
fatal: index-pack failed

请求帮助

我在尝试用本项目部署一个Github镜像站, 但是遇到了一些问题.
项目中没有 codeload.fastgit.org.conf 和 customer-stories-feed.fastgit.org.conf
并且镜像站没有办法登录Github账号, 请求 https://域名/sessions/verified-device/mobile_poll 会返回 502

我注意到 `raw.fastgit.org` 没有压缩，而 Github Raw 自身却都压缩了，这是正常的么？

我今天意外发现，同一个 Github 文件，
如果使用 raw.fastgit.org，那么会是原始尺寸，检查头部没有发现压缩相关标识，即没有经过压缩。
如果通过 raw.githubusercontent.com 访问，那么会默认 Gzip 压缩，文件会小很多。

我也去看了一下其他的 Github Raw 加速服务，全部都进行了 Gzip 压缩以此来减少服务器流量、宽带，因此比较奇怪为什么 FastGit 没有这么做，是有什么特殊原因吗？或者这是一个错误？。。。

毕竟适当的压缩等级对服务器压力并不大，但却可以大幅降低服务器流量、宽带。

	# TODO: Put Cert
	mkdir -p /var/www/cert/
	echo "Please put cert(fg.pem) and key(fg.key) to /var/www/cert/"
	echo "Then reload nginx."
	echo "Thank you! :D"

	# nginx -t

	# systemctl start nginx
	# systemctl reload nginx

fastgitorg / nginx-conf Goto Github PK

nginx-conf's People

Contributors

Stargazers

Watchers

Forkers

nginx-conf's Issues

Recommend Projects

Recommend Topics

Recommend Org