Merge pull request #138 from jav-rojas/jav-rojas

Added 'Users and Privileges' on mysql file and several configs to nginx file
2024-11-22 04:45:16 +00:00 · 2020-10-01 21:34:03 +02:00 · 2020-10-01 21:34:03 +02:00 · fee6bc10ed
commit fee6bc10ed
parent e963b93ded 133bf721ce
2 changed files with 224 additions and 2 deletions
--- a/databases/mysql.sh
+++ b/databases/mysql.sh
@ -7,4 +7,20 @@ mysql -u username -p database_name < file.sql                         # Import d

 SHOW PROCESSLIST; # Show you any queries that are currently running or in the queue to run

-GRANT ALL PRIVILEGES ON mydb.* TO 'myuser'@'%' WITH GRANT OPTION; # Grant **all** privileges on database
+# *****************************************************************************
+# Users and Privileges
+# *****************************************************************************
+
+# Replace 'host' with '%' to indicate any host
+
+CREATE USER 'user'@'host'; # Create user
+DROP USER 'user'@'host'; # Remove user.
+
+GRANT ALL PRIVILEGES ON base.* TO 'user'@'host' IDENTIFIED BY 'password'; # Grant access to database using password
+GRANT SELECT, INSERT, DELETE ON base.* TO 'user'@'host' IDENTIFIED BY 'password'; # Grant specific privileges to database using password
+GRANT ALL PRIVILEGES ON base.* TO 'user'@'host' WITH GRANT OPTION; # Grant **all** privileges on database
+
+REVOKE ALL PRIVILEGES ON base.* FROM 'user'@'host'; # Remove privileges on database
+REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'user'@'host'; # Remove **all** privileges on database
+
+FLUSH PRIVILEGES; # Use **only** if you modify grant tables directly using statements like INSERT, UPDATE or DELETE.
--- a/tools/nginx.sh
+++ b/tools/nginx.sh
@ -4,6 +4,212 @@
 ##############################################################################

 sudo nginx -t # Check syntax
+sudo systemctl status nginx # nginx current status
 sudo systemctl reload nginx # Reload nginx
-sudo service nginx restart  # Restart nginx
+sudo systemctl restart nginx  # Restart nginx
 sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/ # Link website
+
+# *****************************************************************************
+# General Settings
+# *****************************************************************************
+
+# Ports
+
+server {
+  # Use HTTP protocol
+  listen 80;
+  
+  # Use HTTPS protocol
+  listen 443 ssl;
+  
+  # Listen on port 80 using IPv6
+  listen [::]:80;
+  
+  # Listen on port 80 using **only** IPv6
+  listen [::]:80 ipv6only=on;
+}
+
+# Domain name (server_name)
+
+server {
+  # Listen to example.com
+  server_name example.com;
+  
+  # Listen to multiple domains
+  server_name example.com www.example.com;
+  
+  # Listen to all sub-domains
+  server_name *.example.com;
+  
+  # Listen to all top-level domains
+  server_name example.*;
+  
+  # Listen to unspecified hostnames (listens to IP address itself)
+  server_name "";
+}
+
+# *****************************************************************************
+# Serving Files 
+# *****************************************************************************
+
+# Static assets (traditional web server)
+
+server {
+    listen 80;
+    server_name example.com;
+
+    root /path/to/website;
+    # root /www/data/ for example
+
+    # If there's no 'root' inside, it will look for /www/data/index.html
+    location / {
+    }
+
+    # If there's no 'root' inside, it will look for /www/data/images/index.html
+    location /images/ {
+    }
+
+    # Since there's 'root' inside, it will look for /www/media/videos/index.html
+    location /videos/ {
+        root /www/media;
+    }
+}
+
+# *****************************************************************************
+# Redirects
+# *****************************************************************************
+
+# 301 Permanent
+
+server {
+    # Redirect www.example.com to example.com
+    listen 80;
+    server_name www.example.com;
+    return 301 http://example.com$request_uri;
+}
+
+server {
+    # Redirect http to https
+    listen 80;
+    server_name example.com;
+    return 301 https://example.com$request_uri;
+}
+
+# 302 Temporary
+
+server {
+  listen 80;
+  server_name yourdomain.com;
+  return 302 http://otherdomain.com;
+}
+
+# *****************************************************************************
+# Reverse proxy
+# *****************************************************************************
+
+# Useful for Node.js, Streamlit, Jupyter, etc
+
+# Basic
+
+server {
+  listen 80;
+  server_name example.com;
+  
+  location / {
+    proxy_pass http://0.0.0.0:3000;
+    # where 0.0.0.0:3000 is your Node.js Server bound on 0.0.0.0 listing on port 3000
+  }
+}
+
+# Basic + (upstream)
+
+upstream node_js {
+  server 0.0.0.0:3000;
+  # where 0.0.0.0:3000 is your Node.js Server bound on 0.0.0.0 listing on port 3000
+}
+
+server {
+  listen 80;
+  server_name example.com;
+  
+  location / {
+    proxy_pass http://node_js;
+  }
+}
+
+# Upgraded Connection (useful for applications with support for WebSockets)
+
+upstream node_js {
+  server 0.0.0.0:3000;
+}
+
+server {
+  listen 80;
+  server_name example.com;
+  
+  location / {
+    proxy_pass http://node_js;
+    proxy_redirect off;
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+    proxy_set_header Host $host;
+	
+    }
+}
+
+# *****************************************************************************
+# HTTPS Protocol
+# *****************************************************************************
+
+# The majority of SSL options depend on what your application does or needs
+
+server {
+    listen 443 ssl;
+    server_name example.com;
+
+    ssl on;
+
+    ssl_certificate /path/to/cert.pem;
+    ssl_certificate_key /path/to/privkey.pem;
+
+    ssl_stapling on;
+    ssl_stapling_verify on;
+    ssl_trusted_certificate /path/to/fullchain.pem;
+
+    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+    ssl_session_timeout 1d;
+    ssl_session_cache shared:SSL:50m;
+    add_header Strict-Transport-Security max-age=15768000;
+}
+
+# Permanent redirect to HTTPS secured domain
+
+server {
+  listen 80;
+  server_name yourdomain.com;
+  return 301 https://$host$request_uri;
+}
+
+# You can easily secure you website/app using Let's Encrypt.
+# Go https://certbot.eff.org/lets-encrypt/ubuntuxenial-nginx.html for more information
+
+# *****************************************************************************
+# Load Balancing
+# *****************************************************************************
+
+# Useful for large applications running in multiple instances. Below example is for reverse proxy
+upstream node_js {
+  server 0.0.0.0:3000;
+  server 0.0.0.0:4000;
+  server 127.155.142.421;
+}
+
+server {
+  listen 80;
+  server_name example.com;
+  
+  location / {
+    proxy_pass http://node_js;
+  }
+}