Import archived site

2026-01-24 11:45:18 +01:00 · 2026-01-24 11:45:18 +01:00 · 2be24292da
commit 2be24292da
204 changed files with 26591 additions and 0 deletions
--- a/nginx.conf
+++ b/nginx.conf
@ -0,0 +1,111 @@
+server {
+	listen 80 default_server;
+	listen [::]:80;
+
+        server_name lokal.ccc.de local.ccc.de;
+        access_log /dev/null;
+
+        location /.well-known {
+                root /var/plainwww;
+        }
+
+        location / {
+                rewrite ^ https://cpu.ccc.de$request_uri? permanent;
+        }
+}
+
+server {
+	listen443 ssl http2;
+	listen [::]:443 ssl http2;
+
+	server_name cpu.ccc.de;
+
+        ssl on;
+        ssl_certificate /home/acme/.acme.sh/lokal.ccc.de/fullchain.cer;
+        ssl_certificate_key /home/acme/.acme.sh/lokal.ccc.de/lokal.ccc.de.key;
+
+        ssl_session_timeout  5m;
+
+        ssl_protocols TLSv1.2; # TLSv1.1 TLSv1.2 TLSv1 ;
+        ssl_prefer_server_ciphers   on;
+        ssl_session_cache  builtin:1000  shared:SSL:10m;
+        ssl_dhparam /etc/nginx/ssl/dhparam.pem;
+
+	ssl_stapling on;
+	ssl_stapling_verify on;
+	ssl_trusted_certificate /home/acme/.acme.sh/lokal.ccc.de/fullchain.cer;
+	resolver 141.1.1.1;
+
+        ssl_ciphers 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA';
+
+        access_log /var/log/nginx/access.cpu.ccc.de.log noip;
+
+        gzip on;
+        gzip_disable "MSIE [1-6]\.(?!.*SV1)";
+        gzip_proxied any;
+        gzip_buffers 16 8k;
+        gzip_types text/plain text/html text/css text/xml application/x-javascript application/xml application/xml+rss text/javascript application/javascript text/javascript;
+        gzip_vary on;
+
+        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
+        add_header X-Frame-Options SAMEORIGIN;
+        add_header Cache-Control "max-age=3600, must-revalidate";
+        add_header X-Clacks-Overhead "GNU Terry Pratchett";
+        add_header Content-Security-Policy "default-src 'none'; script-src 'unsafe-eval' 'unsafe-inline' 'self'  ; connect-src wss://cpu.ccc.de 'self' ; img-src 'self' data: blob: filesystem:  ; style-src 'self' 'unsafe-inline' 'unsafe-eval' ;    media-src 'self' ; font-src 'self' data: blob: filesystem; child-src 'self'";
+	add_header X-Content-Type-Options 'nosniff';
+	
+	root /srv/www/cpu.ccc.de;
+
+	index index.html;
+
+	default_type text/plain;
+
+	location / {
+		try_files $uri $uri/ =404;
+
+		location /feed/ {
+			default_type application/rss+xml;
+			types {
+				text/xml	application/rss+xml;
+			}
+		}
+
+		location /rss {
+			default_type application/rss+xml;
+		}
+	}
+}
+
+server {
+
+        listen 443 ssl http2;
+	listen [::]:443 ssl http2;
+
+        server_name lokal.ccc.de local.ccc.de;
+
+	root /srv/www/cpu.ccc.de;
+        access_log /dev/null;
+
+        ssl on;
+        ssl_certificate /home/acme/.acme.sh/lokal.ccc.de/fullchain.cer;
+        ssl_certificate_key /home/acme/.acme.sh/lokal.ccc.de/lokal.ccc.de.key;
+
+        ssl_session_timeout  5m;
+
+        ssl_protocols TLSv1.2; # TLSv1.1 TLSv1.2 TLSv1 ;
+        ssl_prefer_server_ciphers   on;
+        ssl_session_cache  builtin:1000  shared:SSL:10m;
+        ssl_dhparam /etc/nginx/ssl/dhparam.pem;
+
+	ssl_stapling on;
+	ssl_stapling_verify on;
+	ssl_trusted_certificate /home/acme/.acme.sh/lokal.ccc.de/fullchain.cer;
+	resolver 141.1.1.1;
+
+        ssl_ciphers 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA';
+
+        location / {
+                rewrite ^ https://cpu.ccc.de$request_uri? permanent;
+        }
+}
+