Initial commit - QBPOS Help

2026-01-27 18:07:54 -06:00
commit e3d556b732
2307 changed files with 219842 additions and 0 deletions
--- a/config/qbpos-help-ssl.conf
+++ b/config/qbpos-help-ssl.conf
@@ -0,0 +1,81 @@
+# Nginx Configuration for quickbooksposhelp.access.ly
+# With SSL/HTTPS support
+
+# Redirect HTTP to HTTPS
+server {
+    listen 80;
+    listen [::]:80;
+    
+    server_name quickbookposhelp.access.ly;
+    
+    # Redirect all HTTP requests to HTTPS
+    return 301 https://$server_name$request_uri;
+}
+
+# HTTPS Server
+server {
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    
+    server_name quickbookposhelp.access.ly;
+    
+    # SSL Certificate paths (will be updated by certbot)
+    ssl_certificate /etc/letsencrypt/live/quickbookposhelp.access.ly/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/quickbookposhelp.access.ly/privkey.pem;
+    
+    # SSL Configuration - Modern and Secure
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384';
+    ssl_prefer_server_ciphers off;
+    ssl_session_cache shared:SSL:10m;
+    ssl_session_timeout 10m;
+    ssl_stapling on;
+    ssl_stapling_verify on;
+    
+    # Document root
+    root /home/pts/Documents/QBPOS_Help_Web/QB_Help_Web;
+    index POS_Help.html;
+    
+    # Access and error logs
+    access_log /var/log/nginx/qbpos-access.log combined buffer=32k;
+    error_log /var/log/nginx/qbpos-error.log warn;
+    
+    # Gzip compression
+    gzip on;
+    gzip_vary on;
+    gzip_min_length 1024;
+    gzip_types text/plain text/css text/xml text/javascript 
+               application/x-javascript application/xml+rss 
+               application/javascript application/json text/html;
+    
+    # Static asset caching (1 year for images, icons)
+    location ~* \.(gif|jpg|jpeg|png|ico|css|js)$ {
+        expires 1y;
+        add_header Cache-Control "public, immutable";
+        access_log off;
+    }
+    
+    # HTML files cache for 1 hour
+    location ~* \.(html|htm)$ {
+        expires 1h;
+        add_header Cache-Control "public, must-revalidate";
+    }
+    
+    # Main location
+    location / {
+        try_files $uri $uri/ =404;
+    }
+    
+    # Security headers
+    add_header X-Frame-Options "SAMEORIGIN" always;
+    add_header X-Content-Type-Options "nosniff" always;
+    add_header X-XSS-Protection "1; mode=block" always;
+    add_header Referrer-Policy "no-referrer-when-downgrade" always;
+    
+    # Deny access to hidden files
+    location ~ /\. {
+        deny all;
+        access_log off;
+        log_not_found off;
+    }
+}