From 133bf721ceb7357c9f91f385c79875592ee56388 Mon Sep 17 00:00:00 2001
From: jrojasc <54907635+jav-rojas@users.noreply.github.com>
Date: Thu, 1 Oct 2020 16:28:55 -0300
Subject: [PATCH] Added 'Users and Privileges' in mysql file and several groups
 of config for nginx file

---
 databases/mysql.sh |  18 +++-
 tools/nginx.sh     | 208 ++++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 224 insertions(+), 2 deletions(-)

diff --git a/databases/mysql.sh b/databases/mysql.sh
index 179830e..8b54bb3 100644
--- a/databases/mysql.sh
+++ b/databases/mysql.sh
@@ -7,4 +7,20 @@ mysql -u username -p database_name < file.sql                         # Import d
 
 SHOW PROCESSLIST; # Show you any queries that are currently running or in the queue to run
 
-GRANT ALL PRIVILEGES ON mydb.* TO 'myuser'@'%' WITH GRANT OPTION; # Grant **all** privileges on database
+# *****************************************************************************
+# Users and Privileges
+# *****************************************************************************
+
+# Replace 'host' with '%' to indicate any host
+
+CREATE USER 'user'@'host'; # Create user
+DROP USER 'user'@'host'; # Remove user.
+
+GRANT ALL PRIVILEGES ON base.* TO 'user'@'host' IDENTIFIED BY 'password'; # Grant access to database using password
+GRANT SELECT, INSERT, DELETE ON base.* TO 'user'@'host' IDENTIFIED BY 'password'; # Grant specific privileges to database using password
+GRANT ALL PRIVILEGES ON base.* TO 'user'@'host' WITH GRANT OPTION; # Grant **all** privileges on database
+
+REVOKE ALL PRIVILEGES ON base.* FROM 'user'@'host'; # Remove privileges on database
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'user'@'host'; # Remove **all** privileges on database
+
+FLUSH PRIVILEGES; # Use **only** if you modify grant tables directly using statements like INSERT, UPDATE or DELETE.
diff --git a/tools/nginx.sh b/tools/nginx.sh
index ed545e5..bd1c857 100644
--- a/tools/nginx.sh
+++ b/tools/nginx.sh
@@ -4,6 +4,212 @@
 ##############################################################################
 
 sudo nginx -t # Check syntax
+sudo systemctl status nginx # nginx current status
 sudo systemctl reload nginx # Reload nginx
-sudo service nginx restart  # Restart nginx
+sudo systemctl restart nginx  # Restart nginx
 sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/ # Link website
+
+# *****************************************************************************
+# General Settings
+# *****************************************************************************
+
+# Ports
+
+server {
+  # Use HTTP protocol
+  listen 80;
+  
+  # Use HTTPS protocol
+  listen 443 ssl;
+  
+  # Listen on port 80 using IPv6
+  listen [::]:80;
+  
+  # Listen on port 80 using **only** IPv6
+  listen [::]:80 ipv6only=on;
+}
+
+# Domain name (server_name)
+
+server {
+  # Listen to example.com
+  server_name example.com;
+  
+  # Listen to multiple domains
+  server_name example.com www.example.com;
+  
+  # Listen to all sub-domains
+  server_name *.example.com;
+  
+  # Listen to all top-level domains
+  server_name example.*;
+  
+  # Listen to unspecified hostnames (listens to IP address itself)
+  server_name "";
+}
+
+# *****************************************************************************
+# Serving Files 
+# *****************************************************************************
+
+# Static assets (traditional web server)
+
+server {
+    listen 80;
+    server_name example.com;
+
+    root /path/to/website;
+    # root /www/data/ for example
+
+    # If there's no 'root' inside, it will look for /www/data/index.html
+    location / {
+    }
+
+    # If there's no 'root' inside, it will look for /www/data/images/index.html
+    location /images/ {
+    }
+
+    # Since there's 'root' inside, it will look for /www/media/videos/index.html
+    location /videos/ {
+        root /www/media;
+    }
+}
+
+# *****************************************************************************
+# Redirects
+# *****************************************************************************
+
+# 301 Permanent
+
+server {
+    # Redirect www.example.com to example.com
+    listen 80;
+    server_name www.example.com;
+    return 301 http://example.com$request_uri;
+}
+
+server {
+    # Redirect http to https
+    listen 80;
+    server_name example.com;
+    return 301 https://example.com$request_uri;
+}
+
+# 302 Temporary
+
+server {
+  listen 80;
+  server_name yourdomain.com;
+  return 302 http://otherdomain.com;
+}
+
+# *****************************************************************************
+# Reverse proxy
+# *****************************************************************************
+
+# Useful for Node.js, Streamlit, Jupyter, etc
+
+# Basic
+
+server {
+  listen 80;
+  server_name example.com;
+  
+  location / {
+    proxy_pass http://0.0.0.0:3000;
+    # where 0.0.0.0:3000 is your Node.js Server bound on 0.0.0.0 listing on port 3000
+  }
+}
+
+# Basic + (upstream)
+
+upstream node_js {
+  server 0.0.0.0:3000;
+  # where 0.0.0.0:3000 is your Node.js Server bound on 0.0.0.0 listing on port 3000
+}
+
+server {
+  listen 80;
+  server_name example.com;
+  
+  location / {
+    proxy_pass http://node_js;
+  }
+}
+
+# Upgraded Connection (useful for applications with support for WebSockets)
+
+upstream node_js {
+  server 0.0.0.0:3000;
+}
+
+server {
+  listen 80;
+  server_name example.com;
+  
+  location / {
+    proxy_pass http://node_js;
+    proxy_redirect off;
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+    proxy_set_header Host $host;
+	
+    }
+}
+
+# *****************************************************************************
+# HTTPS Protocol
+# *****************************************************************************
+
+# The majority of SSL options depend on what your application does or needs
+
+server {
+    listen 443 ssl;
+    server_name example.com;
+
+    ssl on;
+
+    ssl_certificate /path/to/cert.pem;
+    ssl_certificate_key /path/to/privkey.pem;
+
+    ssl_stapling on;
+    ssl_stapling_verify on;
+    ssl_trusted_certificate /path/to/fullchain.pem;
+
+    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+    ssl_session_timeout 1d;
+    ssl_session_cache shared:SSL:50m;
+    add_header Strict-Transport-Security max-age=15768000;
+}
+
+# Permanent redirect to HTTPS secured domain
+
+server {
+  listen 80;
+  server_name yourdomain.com;
+  return 301 https://$host$request_uri;
+}
+
+# You can easily secure you website/app using Let's Encrypt.
+# Go https://certbot.eff.org/lets-encrypt/ubuntuxenial-nginx.html for more information
+
+# *****************************************************************************
+# Load Balancing
+# *****************************************************************************
+
+# Useful for large applications running in multiple instances. Below example is for reverse proxy
+upstream node_js {
+  server 0.0.0.0:3000;
+  server 0.0.0.0:4000;
+  server 127.155.142.421;
+}
+
+server {
+  listen 80;
+  server_name example.com;
+  
+  location / {
+    proxy_pass http://node_js;
+  }
+}
\ No newline at end of file