streaming/web

streaming/nginx/conf.d/fcgiwrap.conf

@@ -0,0 +1,3 @@
+upstream fcgiwrap {                                                                                                                                                                                                                          
+        server unix:/var/run/fcgiwrap.socket;
+}

streaming/nginx/conf.d/php-fpm-www-pool.conf

@@ -0,0 +1,3 @@
+upstream php-fpm-www-pool {
+	server unix:/var/run/php5-fpm.sock;
+}

streaming/nginx/fastcgi.conf

@@ -0,0 +1,25 @@
+
+fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
+fastcgi_param  QUERY_STRING       $query_string;
+fastcgi_param  REQUEST_METHOD     $request_method;
+fastcgi_param  CONTENT_TYPE       $content_type;
+fastcgi_param  CONTENT_LENGTH     $content_length;
+
+fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
+fastcgi_param  REQUEST_URI        $request_uri;
+fastcgi_param  DOCUMENT_URI       $document_uri;
+fastcgi_param  DOCUMENT_ROOT      $document_root;
+fastcgi_param  SERVER_PROTOCOL    $server_protocol;
+fastcgi_param  HTTPS              $https if_not_empty;
+
+fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
+fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
+
+fastcgi_param  REMOTE_ADDR        $remote_addr;
+fastcgi_param  REMOTE_PORT        $remote_port;
+fastcgi_param  SERVER_ADDR        $server_addr;
+fastcgi_param  SERVER_PORT        $server_port;
+fastcgi_param  SERVER_NAME        $server_name;
+
+# PHP only, required if PHP was built with --enable-force-cgi-redirect
+fastcgi_param  REDIRECT_STATUS    200;

streaming/nginx/fastcgi_params

@@ -0,0 +1,24 @@
+
+fastcgi_param  QUERY_STRING       $query_string;
+fastcgi_param  REQUEST_METHOD     $request_method;
+fastcgi_param  CONTENT_TYPE       $content_type;
+fastcgi_param  CONTENT_LENGTH     $content_length;
+
+fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
+fastcgi_param  REQUEST_URI        $request_uri;
+fastcgi_param  DOCUMENT_URI       $document_uri;
+fastcgi_param  DOCUMENT_ROOT      $document_root;
+fastcgi_param  SERVER_PROTOCOL    $server_protocol;
+fastcgi_param  HTTPS              $https if_not_empty;
+
+fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
+fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
+
+fastcgi_param  REMOTE_ADDR        $remote_addr;
+fastcgi_param  REMOTE_PORT        $remote_port;
+fastcgi_param  SERVER_ADDR        $server_addr;
+fastcgi_param  SERVER_PORT        $server_port;
+fastcgi_param  SERVER_NAME        $server_name;
+
+# PHP only, required if PHP was built with --enable-force-cgi-redirect
+fastcgi_param  REDIRECT_STATUS    200;

streaming/nginx/koi-utf

@@ -0,0 +1,109 @@
+
+# This map is not a full koi8-r <> utf8 map: it does not contain
+# box-drawing and some other characters.  Besides this map contains
+# several koi8-u and Byelorussian letters which are not in koi8-r.
+# If you need a full and standard map, use contrib/unicode2nginx/koi-utf
+# map instead.
+
+charset_map  koi8-r  utf-8 {
+
+    80  E282AC ; # euro
+
+    95  E280A2 ; # bullet
+
+    9A  C2A0 ;   # &nbsp;
+
+    9E  C2B7 ;   # &middot;
+
+    A3  D191 ;   # small yo
+    A4  D194 ;   # small Ukrainian ye
+
+    A6  D196 ;   # small Ukrainian i
+    A7  D197 ;   # small Ukrainian yi
+
+    AD  D291 ;   # small Ukrainian soft g
+    AE  D19E ;   # small Byelorussian short u
+
+    B0  C2B0 ;   # &deg;
+
+    B3  D081 ;   # capital YO
+    B4  D084 ;   # capital Ukrainian YE
+
+    B6  D086 ;   # capital Ukrainian I
+    B7  D087 ;   # capital Ukrainian YI
+
+    B9  E28496 ; # numero sign
+
+    BD  D290 ;   # capital Ukrainian soft G
+    BE  D18E ;   # capital Byelorussian short U
+
+    BF  C2A9 ;   # (C)
+
+    C0  D18E ;   # small yu
+    C1  D0B0 ;   # small a
+    C2  D0B1 ;   # small b
+    C3  D186 ;   # small ts
+    C4  D0B4 ;   # small d
+    C5  D0B5 ;   # small ye
+    C6  D184 ;   # small f
+    C7  D0B3 ;   # small g
+    C8  D185 ;   # small kh
+    C9  D0B8 ;   # small i
+    CA  D0B9 ;   # small j
+    CB  D0BA ;   # small k
+    CC  D0BB ;   # small l
+    CD  D0BC ;   # small m
+    CE  D0BD ;   # small n
+    CF  D0BE ;   # small o
+
+    D0  D0BF ;   # small p
+    D1  D18F ;   # small ya
+    D2  D180 ;   # small r
+    D3  D181 ;   # small s
+    D4  D182 ;   # small t
+    D5  D183 ;   # small u
+    D6  D0B6 ;   # small zh
+    D7  D0B2 ;   # small v
+    D8  D18C ;   # small soft sign
+    D9  D18B ;   # small y
+    DA  D0B7 ;   # small z
+    DB  D188 ;   # small sh
+    DC  D18D ;   # small e
+    DD  D189 ;   # small shch
+    DE  D187 ;   # small ch
+    DF  D18A ;   # small hard sign
+
+    E0  D0AE ;   # capital YU
+    E1  D090 ;   # capital A
+    E2  D091 ;   # capital B
+    E3  D0A6 ;   # capital TS
+    E4  D094 ;   # capital D
+    E5  D095 ;   # capital YE
+    E6  D0A4 ;   # capital F
+    E7  D093 ;   # capital G
+    E8  D0A5 ;   # capital KH
+    E9  D098 ;   # capital I
+    EA  D099 ;   # capital J
+    EB  D09A ;   # capital K
+    EC  D09B ;   # capital L
+    ED  D09C ;   # capital M
+    EE  D09D ;   # capital N
+    EF  D09E ;   # capital O
+
+    F0  D09F ;   # capital P
+    F1  D0AF ;   # capital YA
+    F2  D0A0 ;   # capital R
+    F3  D0A1 ;   # capital S
+    F4  D0A2 ;   # capital T
+    F5  D0A3 ;   # capital U
+    F6  D096 ;   # capital ZH
+    F7  D092 ;   # capital V
+    F8  D0AC ;   # capital soft sign
+    F9  D0AB ;   # capital Y
+    FA  D097 ;   # capital Z
+    FB  D0A8 ;   # capital SH
+    FC  D0AD ;   # capital E
+    FD  D0A9 ;   # capital SHCH
+    FE  D0A7 ;   # capital CH
+    FF  D0AA ;   # capital hard sign
+}

streaming/nginx/koi-win

@@ -0,0 +1,103 @@
+
+charset_map  koi8-r  windows-1251 {
+
+    80  88 ; # euro
+
+    95  95 ; # bullet
+
+    9A  A0 ; #  
+
+    9E  B7 ; # ·
+
+    A3  B8 ; # small yo
+    A4  BA ; # small Ukrainian ye
+
+    A6  B3 ; # small Ukrainian i
+    A7  BF ; # small Ukrainian yi
+
+    AD  B4 ; # small Ukrainian soft g
+    AE  A2 ; # small Byelorussian short u
+
+    B0  B0 ; # °
+
+    B3  A8 ; # capital YO
+    B4  AA ; # capital Ukrainian YE
+
+    B6  B2 ; # capital Ukrainian I
+    B7  AF ; # capital Ukrainian YI
+
+    B9  B9 ; # numero sign
+
+    BD  A5 ; # capital Ukrainian soft G
+    BE  A1 ; # capital Byelorussian short U
+
+    BF  A9 ; # (C)
+
+    C0  FE ; # small yu
+    C1  E0 ; # small a
+    C2  E1 ; # small b
+    C3  F6 ; # small ts
+    C4  E4 ; # small d
+    C5  E5 ; # small ye
+    C6  F4 ; # small f
+    C7  E3 ; # small g
+    C8  F5 ; # small kh
+    C9  E8 ; # small i
+    CA  E9 ; # small j
+    CB  EA ; # small k
+    CC  EB ; # small l
+    CD  EC ; # small m
+    CE  ED ; # small n
+    CF  EE ; # small o
+
+    D0  EF ; # small p
+    D1  FF ; # small ya
+    D2  F0 ; # small r
+    D3  F1 ; # small s
+    D4  F2 ; # small t
+    D5  F3 ; # small u
+    D6  E6 ; # small zh
+    D7  E2 ; # small v
+    D8  FC ; # small soft sign
+    D9  FB ; # small y
+    DA  E7 ; # small z
+    DB  F8 ; # small sh
+    DC  FD ; # small e
+    DD  F9 ; # small shch
+    DE  F7 ; # small ch
+    DF  FA ; # small hard sign
+
+    E0  DE ; # capital YU
+    E1  C0 ; # capital A
+    E2  C1 ; # capital B
+    E3  D6 ; # capital TS
+    E4  C4 ; # capital D
+    E5  C5 ; # capital YE
+    E6  D4 ; # capital F
+    E7  C3 ; # capital G
+    E8  D5 ; # capital KH
+    E9  C8 ; # capital I
+    EA  C9 ; # capital J
+    EB  CA ; # capital K
+    EC  CB ; # capital L
+    ED  CC ; # capital M
+    EE  CD ; # capital N
+    EF  CE ; # capital O
+
+    F0  CF ; # capital P
+    F1  DF ; # capital YA
+    F2  D0 ; # capital R
+    F3  D1 ; # capital S
+    F4  D2 ; # capital T
+    F5  D3 ; # capital U
+    F6  C6 ; # capital ZH
+    F7  C2 ; # capital V
+    F8  DC ; # capital soft sign
+    F9  DB ; # capital Y
+    FA  C7 ; # capital Z
+    FB  D8 ; # capital SH
+    FC  DD ; # capital E
+    FD  D9 ; # capital SHCH
+    FE  D7 ; # capital CH
+    FF  DA ; # capital hard sign
+}

streaming/nginx/mime.types

@@ -0,0 +1,89 @@
+
+types {
+    text/html                             html htm shtml;
+    text/css                              css;
+    text/xml                              xml;
+    image/gif                             gif;
+    image/jpeg                            jpeg jpg;
+    application/javascript                js;
+    application/atom+xml                  atom;
+    application/rss+xml                   rss;
+
+    text/mathml                           mml;
+    text/plain                            txt;
+    text/vnd.sun.j2me.app-descriptor      jad;
+    text/vnd.wap.wml                      wml;
+    text/x-component                      htc;
+
+    image/png                             png;
+    image/tiff                            tif tiff;
+    image/vnd.wap.wbmp                    wbmp;
+    image/x-icon                          ico;
+    image/x-jng                           jng;
+    image/x-ms-bmp                        bmp;
+    image/svg+xml                         svg svgz;
+    image/webp                            webp;
+
+    application/font-woff                 woff;
+    application/java-archive              jar war ear;
+    application/json                      json;
+    application/mac-binhex40              hqx;
+    application/msword                    doc;
+    application/pdf                       pdf;
+    application/postscript                ps eps ai;
+    application/rtf                       rtf;
+    application/vnd.apple.mpegurl         m3u8;
+    application/vnd.ms-excel              xls;
+    application/vnd.ms-fontobject         eot;
+    application/vnd.ms-powerpoint         ppt;
+    application/vnd.wap.wmlc              wmlc;
+    application/vnd.google-earth.kml+xml  kml;
+    application/vnd.google-earth.kmz      kmz;
+    application/x-7z-compressed           7z;
+    application/x-cocoa                   cco;
+    application/x-java-archive-diff       jardiff;
+    application/x-java-jnlp-file          jnlp;
+    application/x-makeself                run;
+    application/x-perl                    pl pm;
+    application/x-pilot                   prc pdb;
+    application/x-rar-compressed          rar;
+    application/x-redhat-package-manager  rpm;
+    application/x-sea                     sea;
+    application/x-shockwave-flash         swf;
+    application/x-stuffit                 sit;
+    application/x-tcl                     tcl tk;
+    application/x-x509-ca-cert            der pem crt;
+    application/x-xpinstall               xpi;
+    application/xhtml+xml                 xhtml;
+    application/xspf+xml                  xspf;
+    application/zip                       zip;
+
+    application/octet-stream              bin exe dll;
+    application/octet-stream              deb;
+    application/octet-stream              dmg;
+    application/octet-stream              iso img;
+    application/octet-stream              msi msp msm;
+
+    application/vnd.openxmlformats-officedocument.wordprocessingml.document    docx;
+    application/vnd.openxmlformats-officedocument.spreadsheetml.sheet          xlsx;
+    application/vnd.openxmlformats-officedocument.presentationml.presentation  pptx;
+
+    audio/midi                            mid midi kar;
+    audio/mpeg                            mp3;
+    audio/ogg                             ogg;
+    audio/x-m4a                           m4a;
+    audio/x-realaudio                     ra;
+
+    video/3gpp                            3gpp 3gp;
+    video/mp2t                            ts;
+    video/mp4                             mp4;
+    video/mpeg                            mpeg mpg;
+    video/quicktime                       mov;
+    video/webm                            webm;
+    video/x-flv                           flv;
+    video/x-m4v                           m4v;
+    video/x-mng                           mng;
+    video/x-ms-asf                        asx asf;
+    video/x-ms-wmv                        wmv;
+    video/x-msvideo                       avi;
+}

streaming/nginx/nginx.conf

@@ -0,0 +1,78 @@
+user www-data;
+worker_processes 1;
+pid /run/nginx.pid;
+
+events {
+	worker_connections 768;
+	# multi_accept on;
+}
+
+http {
+
+	##
+	# Basic Settings
+	##
+
+	sendfile on;
+	tcp_nopush on;
+	tcp_nodelay on;
+	keepalive_timeout 65;
+	types_hash_max_size 2048;
+	# server_tokens off;
+
+	# server_names_hash_bucket_size 64;
+	# server_name_in_redirect off;
+
+	include /etc/nginx/mime.types;
+	default_type application/octet-stream;
+
+	##
+	# Logging Settings
+	##
+
+	access_log /var/log/nginx/access.log;
+	error_log /var/log/nginx/error.log;
+
+	##
+	# Gzip Settings
+	##
+
+	gzip on;
+	gzip_disable "msie6";
+
+	# gzip_vary on;
+	# gzip_proxied any;
+	# gzip_comp_level 6;
+	# gzip_buffers 16 8k;
+	# gzip_http_version 1.1;
+	# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+
+	##
+	# Virtual Host Configs
+	##
+
+	include /etc/nginx/conf.d/*.conf;
+	include /etc/nginx/sites-enabled/*;
+}
+
+include /etc/nginx/rtmp.conf;
+#mail {
+#	# See sample authentication script at:
+#	# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
+# 
+#	# auth_http localhost/auth.php;
+#	# pop3_capabilities "TOP" "USER";
+#	# imap_capabilities "IMAP4rev1" "UIDPLUS";
+# 
+#	server {
+#		listen     localhost:110;
+#		protocol   pop3;
+#		proxy      on;
+#	}
+# 
+#	server {
+#		listen     localhost:143;
+#		protocol   imap;
+#		proxy      on;
+#	}
+#}

streaming/nginx/proxy_params

@@ -0,0 +1,4 @@
+proxy_set_header Host $http_host;
+proxy_set_header X-Real-IP $remote_addr;
+proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+proxy_set_header X-Forwarded-Proto $scheme;

streaming/nginx/rtmp.conf

@@ -0,0 +1,24 @@
+rtmp {
+
+    server {
+
+        listen 1935;
+
+        application st {
+            live on;
+
+            hls on;
+            hls_path /home/stream/hls;
+
+            dash on;
+            dash_path /home/stream/dash;
+
+            drop_idle_publisher 20s;
+	record all;
+		record_path /home/stream/dump;
+		record_suffix  -%Y%m%d-%H%M%S.flv;
+
+        }
+
+    }
+}

streaming/nginx/scgi_params

@@ -0,0 +1,16 @@
+
+scgi_param  REQUEST_METHOD     $request_method;
+scgi_param  REQUEST_URI        $request_uri;
+scgi_param  QUERY_STRING       $query_string;
+scgi_param  CONTENT_TYPE       $content_type;
+
+scgi_param  DOCUMENT_URI       $document_uri;
+scgi_param  DOCUMENT_ROOT      $document_root;
+scgi_param  SCGI               1;
+scgi_param  SERVER_PROTOCOL    $server_protocol;
+scgi_param  HTTPS              $https if_not_empty;
+
+scgi_param  REMOTE_ADDR        $remote_addr;
+scgi_param  REMOTE_PORT        $remote_port;
+scgi_param  SERVER_PORT        $server_port;
+scgi_param  SERVER_NAME        $server_name;

streaming/nginx/sites-available/default

@@ -0,0 +1,185 @@
+##
+# You should look at the following URL's in order to grasp a solid understanding
+# of Nginx configuration files in order to fully unleash the power of Nginx.
+# http://wiki.nginx.org/Pitfalls
+# http://wiki.nginx.org/QuickStart
+# http://wiki.nginx.org/Configuration
+#
+# Generally, you will want to move this file somewhere, and start with a clean
+# file but keep this around for reference. Or just disable in sites-enabled.
+#
+# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
+##
+
+# Default server configuration
+#
+server {
+	listen 80 default_server;
+	listen 443 ssl;
+	ssl_certificate /etc/letsencrypt/live/eric.openfest.org/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/eric.openfest.org/privkey.pem;
+	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+	ssl_ciphers HIGH:!aNULL:!MD5;
+	listen [::]:80 default_server;
+
+	# SSL configuration
+	#
+	# listen 443 ssl default_server;
+	# listen [::]:443 ssl default_server;
+	#
+	# Self signed certs generated by the ssl-cert package
+	# Don't use them in a production server!
+	#
+	# include snippets/snakeoil.conf;
+	
+	if ($scheme = http) {
+		return 301 https://eric.openfest.org$request_uri;
+	}	
+	root /var/www/html;
+
+	# Add index.php to the list if you are using PHP
+	index index.html index.htm index.nginx-debian.html;
+
+	server_name _;
+
+	location / {
+		# First attempt to serve request as file, then
+		# as directory, then fall back to displaying a 404.
+		try_files $uri $uri/ =404;
+	}
+
+	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+	#
+	#location ~ \.php$ {
+	#	include snippets/fastcgi-php.conf;
+	#
+	#	# With php5-cgi alone:
+	#	fastcgi_pass 127.0.0.1:9000;
+	#	# With php5-fpm:
+	#	fastcgi_pass unix:/var/run/php5-fpm.sock;
+	#}
+
+	# deny access to .htaccess files, if Apache's document root
+	# concurs with nginx's one
+	#
+	#location ~ /\.ht {
+	#	deny all;
+	#}
+
+	location /of2016status {
+		stub_status on;
+		access_log off;
+	}
+
+#	# disable graphite as it does not work ok with tessera in subdirectory
+#	# serve static content via nginx and not uwsgi
+#	location /content/ {
+#		alias /opt/graphite/webapp/content/;
+#	}
+#
+#	# fix the django/graphite bug for admin
+#	# and serve via nginx
+#	rewrite ^/admin(.*)admin/([^/]+)/([^/]+)\$ /media/\$2/\$3 redirect;
+#	location /media/ {
+#		alias /usr/local/lib/python2.7/dist-packages/django/contrib/admin/static/admin/;
+#	}
+#
+#	# finally pass everything to uwsgi
+#	location ~* ^/(graphite|metrics|dashboard|render|browser|composer) {
+#		add_header Access-Control-Allow-Origin $http_origin;
+#		include uwsgi_params;
+#		uwsgi_pass 127.0.0.1:3031;
+#	}
+
+	# proxy nagios
+	location = /nagios3 {
+		return 301 /nagios3/index.php;
+	}
+	location = /nagios3/ {
+		return 301 /nagios3/index.php;
+	}
+
+	location /nagios3/ {
+		try_files $uri $uri/ =404;
+		auth_basic "Nagios";
+		auth_basic_user_file /etc/nagios3/htpasswd.users;
+
+		rewrite ^/nagios3/(.*) /$1 break;
+
+		root /usr/share/nagios3/htdocs;
+
+		index index.php;
+	}
+
+        location /nagios3/stylesheets {
+		auth_basic "Nagios";
+		auth_basic_user_file /etc/nagios3/htpasswd.users;
+
+                alias /etc/nagios3/stylesheets/;
+        }
+
+	location ~ ^/nagios3/.*\.php$ {
+        	auth_basic "Nagios";
+		auth_basic_user_file /etc/nagios3/htpasswd.users;
+
+		root /usr/share/nagios3/htdocs;
+		rewrite ^/nagios3/(.*) /$1 break;
+		fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
+		fastcgi_param  QUERY_STRING       $query_string;
+		fastcgi_param  REQUEST_METHOD     $request_method;
+		fastcgi_param  CONTENT_TYPE       $content_type;
+		fastcgi_param  CONTENT_LENGTH     $content_length;
+
+		fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
+		fastcgi_param  REQUEST_URI        $request_uri;
+		fastcgi_param  DOCUMENT_URI       $document_uri;
+		fastcgi_param  DOCUMENT_ROOT      $document_root;
+		fastcgi_param  SERVER_PROTOCOL    $server_protocol;
+		fastcgi_param  HTTPS              $https if_not_empty;
+
+		fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
+		fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
+
+		fastcgi_param  REMOTE_ADDR        $remote_addr;
+		fastcgi_param  REMOTE_PORT        $remote_port;
+		fastcgi_param  SERVER_ADDR        $server_addr;
+		fastcgi_param  SERVER_PORT        $server_port;
+		fastcgi_param  SERVER_NAME        $server_name;
+
+		# PHP only, required if PHP was built with --enable-force-cgi-redirect
+		fastcgi_param  REDIRECT_STATUS    200;
+		fastcgi_param HTTP_PROXY "";
+
+		fastcgi_pass php-fpm-www-pool;
+	}
+
+	location /cgi-bin/nagios3 {
+		auth_basic "Nagios";
+		auth_basic_user_file /etc/nagios3/htpasswd.users;
+		#proxy_pass http://localhost:8081/cgi-bin/nagios3;
+	}
+
+        location ~ \.cgi$ {
+        	auth_basic "Nagios";
+		auth_basic_user_file /etc/nagios3/htpasswd.users;
+
+                root /usr/lib/cgi-bin/nagios3;
+                
+                rewrite ^/cgi-bin/nagios3/(.*)$ /$1;
+                
+                include /etc/nginx/fastcgi_params;
+                
+                fastcgi_param AUTH_USER $remote_user;
+                fastcgi_param REMOTE_USER $remote_user;
+                fastcgi_param SCRIPT_FILENAME /usr/lib/cgi-bin/nagios3$fastcgi_script_name;
+                
+                fastcgi_pass fcgiwrap;
+        }
+
+	location /grafana/ {
+		proxy_pass http://localhost:3000/;
+		proxy_set_header   Host $host;
+	}
+}
+
+

streaming/nginx/sites-available/default.dpkg-dist

@@ -0,0 +1,83 @@
+##
+# You should look at the following URL's in order to grasp a solid understanding
+# of Nginx configuration files in order to fully unleash the power of Nginx.
+# http://wiki.nginx.org/Pitfalls
+# http://wiki.nginx.org/QuickStart
+# http://wiki.nginx.org/Configuration
+#
+# Generally, you will want to move this file somewhere, and start with a clean
+# file but keep this around for reference. Or just disable in sites-enabled.
+#
+# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
+##
+
+# Default server configuration
+#
+server {
+	listen 80 default_server;
+	listen [::]:80 default_server;
+
+	# SSL configuration
+	#
+	# listen 443 ssl default_server;
+	# listen [::]:443 ssl default_server;
+	#
+	# Self signed certs generated by the ssl-cert package
+	# Don't use them in a production server!
+	# include snippets/snakeoil.conf;
+	#
+	# ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # don’t use SSLv3 ref: POODLE
+	# ssl_ciphers HIGH:!aNULL:!MD5;
+	# ssl_prefer_server_ciphers on;
+
+	root /var/www/html;
+
+	# Add index.php to the list if you are using PHP
+	index index.html index.htm index.nginx-debian.html;
+
+	server_name _;
+
+	location / {
+		# First attempt to serve request as file, then
+		# as directory, then fall back to displaying a 404.
+		try_files $uri $uri/ =404;
+	}
+
+	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+	#
+	#location ~ \.php$ {
+	#	include snippets/fastcgi-php.conf;
+	#
+	#	# With php5-cgi alone:
+	#	fastcgi_pass 127.0.0.1:9000;
+	#	# With php5-fpm:
+	#	fastcgi_pass unix:/var/run/php5-fpm.sock;
+	#}
+
+	# deny access to .htaccess files, if Apache's document root
+	# concurs with nginx's one
+	#
+	#location ~ /\.ht {
+	#	deny all;
+	#}
+}
+
+
+# Virtual Host configuration for example.com
+#
+# You can move that to a different file under sites-available/ and symlink that
+# to sites-enabled/ to enable it.
+#
+#server {
+#	listen 80;
+#	listen [::]:80;
+#
+#	server_name example.com;
+#
+#	root /var/www/example.com;
+#	index index.html;
+#
+#	location / {
+#		try_files $uri $uri/ =404;
+#	}
+#}

streaming/nginx/sites-available/graphite-8080

@@ -0,0 +1,92 @@
+##
+# You should look at the following URL's in order to grasp a solid understanding
+# of Nginx configuration files in order to fully unleash the power of Nginx.
+# http://wiki.nginx.org/Pitfalls
+# http://wiki.nginx.org/QuickStart
+# http://wiki.nginx.org/Configuration
+#
+# Generally, you will want to move this file somewhere, and start with a clean
+# file but keep this around for reference. Or just disable in sites-enabled.
+#
+# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
+##
+
+# Default server configuration
+#
+server {
+	listen 8080 default_server;
+	listen [::]:8080 default_server;
+
+	# SSL configuration
+	#
+	# listen 443 ssl default_server;
+	# listen [::]:443 ssl default_server;
+	#
+	# Self signed certs generated by the ssl-cert package
+	# Don't use them in a production server!
+	#
+	# include snippets/snakeoil.conf;
+
+	root /var/www/html;
+
+	# Add index.php to the list if you are using PHP
+	index index.html index.htm index.nginx-debian.html;
+
+	server_name _;
+
+#	location / {
+#		# First attempt to serve request as file, then
+#		# as directory, then fall back to displaying a 404.
+#		try_files $uri $uri/ =404;
+#	}
+
+	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+	#
+	#location ~ \.php$ {
+	#	include snippets/fastcgi-php.conf;
+	#
+	#	# With php5-cgi alone:
+	#	fastcgi_pass 127.0.0.1:9000;
+	#	# With php5-fpm:
+	#	fastcgi_pass unix:/var/run/php5-fpm.sock;
+	#}
+
+	# deny access to .htaccess files, if Apache's document root
+	# concurs with nginx's one
+	#
+	#location ~ /\.ht {
+	#	deny all;
+	#}
+
+	location /of2015status {
+		stub_status on;
+		access_log off;
+	}
+
+	# serve static content via nginx and not uwsgi
+	location /content/ {
+		alias /opt/graphite/webapp/content/;
+	}
+
+	# fix the django/graphite bug for admin
+	# and serve via nginx
+	rewrite ^/admin(.*)admin/([^/]+)/([^/]+)\$ /media/\$2/\$3 redirect;
+	location /media/ {
+		alias /usr/local/lib/python2.7/dist-packages/django/contrib/admin/static/admin/;
+	}
+
+	# finally pass everything to uwsgi
+#	location ~* ^/(graphite|metrics|dashboard|render|browser|composer) {
+#		add_header Access-Control-Allow-Origin $http_origin;
+#		include uwsgi_params;
+#		uwsgi_pass 127.0.0.1:3031;
+#	}
+
+	location / {
+		add_header Access-Control-Allow-Origin $http_origin;
+		include uwsgi_params;
+		uwsgi_pass 127.0.0.1:3031;
+	
+	}
+}
+

streaming/nginx/sites-available/lede.conf

@@ -0,0 +1,101 @@
+##
+# You should look at the following URL's in order to grasp a solid understanding
+# of Nginx configuration files in order to fully unleash the power of Nginx.
+# http://wiki.nginx.org/Pitfalls
+# http://wiki.nginx.org/QuickStart
+# http://wiki.nginx.org/Configuration
+#
+# Generally, you will want to move this file somewhere, and start with a clean
+# file but keep this around for reference. Or just disable in sites-enabled.
+#
+# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
+##
+
+# Default server configuration
+#
+server {
+	listen 80 default_server;
+	listen [::]:80 default_server;
+
+	# SSL configuration
+	#
+	# listen 443 ssl default_server;
+	# listen [::]:443 ssl default_server;
+	#
+	# Self signed certs generated by the ssl-cert package
+	# Don't use them in a production server!
+	#
+	# include snippets/snakeoil.conf;
+
+	root /var/www/html;
+
+	# Add index.php to the list if you are using PHP
+	index index.html index.htm index.nginx-debian.html;
+
+	server_name _;
+
+	location / {
+		# First attempt to serve request as file, then
+		# as directory, then fall back to displaying a 404.
+		try_files $uri $uri/ =404;
+	}
+
+	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+	#
+	#location ~ \.php$ {
+	#	include snippets/fastcgi-php.conf;
+	#
+	#	# With php5-cgi alone:
+	#	fastcgi_pass 127.0.0.1:9000;
+	#	# With php5-fpm:
+	#	fastcgi_pass unix:/var/run/php5-fpm.sock;
+	#}
+
+	# deny access to .htaccess files, if Apache's document root
+	# concurs with nginx's one
+	#
+	#location ~ /\.ht {
+	#	deny all;
+	#}
+
+	location /of2016status {
+		stub_status on;
+		access_log off;
+	}
+
+#	# disable graphite as it does not work ok with tessera in subdirectory
+#	# serve static content via nginx and not uwsgi
+#	location /content/ {
+#		alias /opt/graphite/webapp/content/;
+#	}
+#
+#	# fix the django/graphite bug for admin
+#	# and serve via nginx
+#	rewrite ^/admin(.*)admin/([^/]+)/([^/]+)\$ /media/\$2/\$3 redirect;
+#	location /media/ {
+#		alias /usr/local/lib/python2.7/dist-packages/django/contrib/admin/static/admin/;
+#	}
+#
+#	# finally pass everything to uwsgi
+#	location ~* ^/(graphite|metrics|dashboard|render|browser|composer) {
+#		add_header Access-Control-Allow-Origin $http_origin;
+#		include uwsgi_params;
+#		uwsgi_pass 127.0.0.1:3031;
+#	}
+
+	# proxy nagios
+	location /nagios3 {
+		proxy_pass http://localhost:8081/nagios3;
+	}
+
+	location /cgi-bin/nagios3 {
+		proxy_pass http://localhost:8081/cgi-bin/nagios3;
+	}
+
+	location /grafana/ {
+		proxy_pass http://localhost:3000/;
+		proxy_set_header   Host $host;
+	}
+}
+
+

streaming/nginx/sites-available/restream.conf

@@ -0,0 +1,33 @@
+
+server {
+	listen	   0.0.0.0:80;
+	server_name  strm.ludost.net stream.openfest.org streaming.openfest.org eric-stream.openfest.org 10.23.0.1;
+
+
+	client_max_body_size 21M;
+
+	location / {
+		root   /home/stream;
+		index  index.html index.htm;
+		if ($request_method = 'GET') {
+			add_header 'Access-Control-Allow-Origin' '*';
+			add_header 'Access-Control-Allow-Credentials' 'true';
+			add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
+			add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
+		}
+	}
+
+
+	location /stats {
+		rtmp_stat all;
+		rtmp_stat_stylesheet /stat.xsl;
+	}
+
+	error_page   500 502 503 504  /50x.html;
+	location = /50x.html {
+		root   /usr/share/nginx/html;
+	}
+
+
+}
+

streaming/nginx/sites-available/tessera

@@ -0,0 +1,27 @@
+server {
+	server_name tessera.openfest.org;
+
+	listen 80;
+	listen [::]:80;
+
+	root /var/www/html;
+client_max_body_size 500M;
+
+        location / {
+#		limit_except GET{
+#			auth_basic "NO";
+#			auth_basic_user_file "/etc/nagios3/htpasswd.users";
+#		}
+		try_files $uri @tessera;
+	}
+
+	# protect /api
+
+        location @tessera {
+                include uwsgi_params;
+#                uwsgi_param SCRIPT_NAME tessera;
+                uwsgi_modifier1 30;
+                uwsgi_pass 127.0.0.1:3032;
+        }
+}
+

streaming/nginx/sites-available/vk.conf

@@ -0,0 +1,39 @@
+server {
+	listen 80;
+	listen [::]:80;
+
+
+	root /home/vc/var/www;
+
+	# Add index.php to the list if you are using PHP
+	index index.html index.htm index.nginx-debian.html;
+
+	server_name t-voc.ludost.net;
+
+	location / {
+		# First attempt to serve request as file, then
+		# as directory, then fall back to displaying a 404.
+		try_files $uri $uri/ =404;
+	}
+
+	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+	#
+	location ~ \.php$ {
+		include snippets/fastcgi-php.conf;
+	#
+	#	# With php5-cgi alone:
+	#	fastcgi_pass 127.0.0.1:9000;
+	#	# With php5-fpm:
+		fastcgi_pass unix:/var/run/php5-fpm.sock;
+	}
+
+	# deny access to .htaccess files, if Apache's document root
+	# concurs with nginx's one
+	#
+	#location ~ /\.ht {
+	#	deny all;
+	#}
+
+}
+
+

streaming/nginx/sites-enabled/default

@@ -0,0 +1,185 @@
+##
+# You should look at the following URL's in order to grasp a solid understanding
+# of Nginx configuration files in order to fully unleash the power of Nginx.
+# http://wiki.nginx.org/Pitfalls
+# http://wiki.nginx.org/QuickStart
+# http://wiki.nginx.org/Configuration
+#
+# Generally, you will want to move this file somewhere, and start with a clean
+# file but keep this around for reference. Or just disable in sites-enabled.
+#
+# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
+##
+
+# Default server configuration
+#
+server {
+	listen 80 default_server;
+	listen 443 ssl;
+	ssl_certificate /etc/letsencrypt/live/eric.openfest.org/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/eric.openfest.org/privkey.pem;
+	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+	ssl_ciphers HIGH:!aNULL:!MD5;
+	listen [::]:80 default_server;
+
+	# SSL configuration
+	#
+	# listen 443 ssl default_server;
+	# listen [::]:443 ssl default_server;
+	#
+	# Self signed certs generated by the ssl-cert package
+	# Don't use them in a production server!
+	#
+	# include snippets/snakeoil.conf;
+	
+	if ($scheme = http) {
+		return 301 https://eric.openfest.org$request_uri;
+	}	
+	root /var/www/html;
+
+	# Add index.php to the list if you are using PHP
+	index index.html index.htm index.nginx-debian.html;
+
+	server_name _;
+
+	location / {
+		# First attempt to serve request as file, then
+		# as directory, then fall back to displaying a 404.
+		try_files $uri $uri/ =404;
+	}
+
+	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+	#
+	#location ~ \.php$ {
+	#	include snippets/fastcgi-php.conf;
+	#
+	#	# With php5-cgi alone:
+	#	fastcgi_pass 127.0.0.1:9000;
+	#	# With php5-fpm:
+	#	fastcgi_pass unix:/var/run/php5-fpm.sock;
+	#}
+
+	# deny access to .htaccess files, if Apache's document root
+	# concurs with nginx's one
+	#
+	#location ~ /\.ht {
+	#	deny all;
+	#}
+
+	location /of2018status {
+		stub_status on;
+		access_log off;
+	}
+
+#	# disable graphite as it does not work ok with tessera in subdirectory
+#	# serve static content via nginx and not uwsgi
+#	location /content/ {
+#		alias /opt/graphite/webapp/content/;
+#	}
+#
+#	# fix the django/graphite bug for admin
+#	# and serve via nginx
+#	rewrite ^/admin(.*)admin/([^/]+)/([^/]+)\$ /media/\$2/\$3 redirect;
+#	location /media/ {
+#		alias /usr/local/lib/python2.7/dist-packages/django/contrib/admin/static/admin/;
+#	}
+#
+#	# finally pass everything to uwsgi
+#	location ~* ^/(graphite|metrics|dashboard|render|browser|composer) {
+#		add_header Access-Control-Allow-Origin $http_origin;
+#		include uwsgi_params;
+#		uwsgi_pass 127.0.0.1:3031;
+#	}
+
+	# proxy nagios
+	location = /nagios3 {
+		return 301 /nagios3/index.php;
+	}
+	location = /nagios3/ {
+		return 301 /nagios3/index.php;
+	}
+
+	location /nagios3/ {
+		try_files $uri $uri/ =404;
+		auth_basic "Nagios";
+		auth_basic_user_file /etc/nagios3/htpasswd.users;
+
+		rewrite ^/nagios3/(.*) /$1 break;
+
+		root /usr/share/nagios3/htdocs;
+
+		index index.php;
+	}
+
+        location /nagios3/stylesheets {
+		auth_basic "Nagios";
+		auth_basic_user_file /etc/nagios3/htpasswd.users;
+
+                alias /etc/nagios3/stylesheets/;
+        }
+
+	location ~ ^/nagios3/.*\.php$ {
+        	auth_basic "Nagios";
+		auth_basic_user_file /etc/nagios3/htpasswd.users;
+
+		root /usr/share/nagios3/htdocs;
+		rewrite ^/nagios3/(.*) /$1 break;
+		fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
+		fastcgi_param  QUERY_STRING       $query_string;
+		fastcgi_param  REQUEST_METHOD     $request_method;
+		fastcgi_param  CONTENT_TYPE       $content_type;
+		fastcgi_param  CONTENT_LENGTH     $content_length;
+
+		fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
+		fastcgi_param  REQUEST_URI        $request_uri;
+		fastcgi_param  DOCUMENT_URI       $document_uri;
+		fastcgi_param  DOCUMENT_ROOT      $document_root;
+		fastcgi_param  SERVER_PROTOCOL    $server_protocol;
+		fastcgi_param  HTTPS              $https if_not_empty;
+
+		fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
+		fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
+
+		fastcgi_param  REMOTE_ADDR        $remote_addr;
+		fastcgi_param  REMOTE_PORT        $remote_port;
+		fastcgi_param  SERVER_ADDR        $server_addr;
+		fastcgi_param  SERVER_PORT        $server_port;
+		fastcgi_param  SERVER_NAME        $server_name;
+
+		# PHP only, required if PHP was built with --enable-force-cgi-redirect
+		fastcgi_param  REDIRECT_STATUS    200;
+		fastcgi_param HTTP_PROXY "";
+
+		fastcgi_pass php-fpm-www-pool;
+	}
+
+	location /cgi-bin/nagios3 {
+		auth_basic "Nagios";
+		auth_basic_user_file /etc/nagios3/htpasswd.users;
+		#proxy_pass http://localhost:8081/cgi-bin/nagios3;
+	}
+
+        location ~ \.cgi$ {
+        	auth_basic "Nagios";
+		auth_basic_user_file /etc/nagios3/htpasswd.users;
+
+                root /usr/lib/cgi-bin/nagios3;
+                
+                rewrite ^/cgi-bin/nagios3/(.*)$ /$1;
+                
+                include /etc/nginx/fastcgi_params;
+                
+                fastcgi_param AUTH_USER $remote_user;
+                fastcgi_param REMOTE_USER $remote_user;
+                fastcgi_param SCRIPT_FILENAME /usr/lib/cgi-bin/nagios3$fastcgi_script_name;
+                
+                fastcgi_pass fcgiwrap;
+        }
+
+	location /grafana/ {
+		proxy_pass http://localhost:3000/;
+		proxy_set_header   Host $host;
+	}
+}
+
+

streaming/nginx/sites-enabled/graphite-8080

@@ -0,0 +1,92 @@
+##
+# You should look at the following URL's in order to grasp a solid understanding
+# of Nginx configuration files in order to fully unleash the power of Nginx.
+# http://wiki.nginx.org/Pitfalls
+# http://wiki.nginx.org/QuickStart
+# http://wiki.nginx.org/Configuration
+#
+# Generally, you will want to move this file somewhere, and start with a clean
+# file but keep this around for reference. Or just disable in sites-enabled.
+#
+# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
+##
+
+# Default server configuration
+#
+server {
+	listen 8080 default_server;
+	listen [::]:8080 default_server;
+
+	# SSL configuration
+	#
+	# listen 443 ssl default_server;
+	# listen [::]:443 ssl default_server;
+	#
+	# Self signed certs generated by the ssl-cert package
+	# Don't use them in a production server!
+	#
+	# include snippets/snakeoil.conf;
+
+	root /var/www/html;
+
+	# Add index.php to the list if you are using PHP
+	index index.html index.htm index.nginx-debian.html;
+
+	server_name _;
+
+#	location / {
+#		# First attempt to serve request as file, then
+#		# as directory, then fall back to displaying a 404.
+#		try_files $uri $uri/ =404;
+#	}
+
+	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+	#
+	#location ~ \.php$ {
+	#	include snippets/fastcgi-php.conf;
+	#
+	#	# With php5-cgi alone:
+	#	fastcgi_pass 127.0.0.1:9000;
+	#	# With php5-fpm:
+	#	fastcgi_pass unix:/var/run/php5-fpm.sock;
+	#}
+
+	# deny access to .htaccess files, if Apache's document root
+	# concurs with nginx's one
+	#
+	#location ~ /\.ht {
+	#	deny all;
+	#}
+
+	location /of2018status {
+		stub_status on;
+		access_log off;
+	}
+
+	# serve static content via nginx and not uwsgi
+	location /content/ {
+		alias /opt/graphite/webapp/content/;
+	}
+
+	# fix the django/graphite bug for admin
+	# and serve via nginx
+	rewrite ^/admin(.*)admin/([^/]+)/([^/]+)\$ /media/\$2/\$3 redirect;
+	location /media/ {
+		alias /usr/local/lib/python2.7/dist-packages/django/contrib/admin/static/admin/;
+	}
+
+	# finally pass everything to uwsgi
+#	location ~* ^/(graphite|metrics|dashboard|render|browser|composer) {
+#		add_header Access-Control-Allow-Origin $http_origin;
+#		include uwsgi_params;
+#		uwsgi_pass 127.0.0.1:3031;
+#	}
+
+	location / {
+		add_header Access-Control-Allow-Origin $http_origin;
+		include uwsgi_params;
+		uwsgi_pass 127.0.0.1:3031;
+	
+	}
+}
+

streaming/nginx/sites-enabled/restream.conf

@@ -0,0 +1,33 @@
+
+server {
+	listen	   0.0.0.0:80;
+	server_name  strm.ludost.net stream.openfest.org streaming.openfest.org eric-stream.openfest.org 10.23.0.1;
+
+
+	client_max_body_size 21M;
+
+	location / {
+		root   /home/stream;
+		index  index.html index.htm;
+		if ($request_method = 'GET') {
+			add_header 'Access-Control-Allow-Origin' '*';
+			add_header 'Access-Control-Allow-Credentials' 'true';
+			add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
+			add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
+		}
+	}
+
+
+	location /stats {
+		rtmp_stat all;
+		rtmp_stat_stylesheet /stat.xsl;
+	}
+
+	error_page   500 502 503 504  /50x.html;
+	location = /50x.html {
+		root   /usr/share/nginx/html;
+	}
+
+
+}
+

streaming/nginx/snippets/fastcgi-php.conf

@@ -0,0 +1,13 @@
+# regex to split $uri to $fastcgi_script_name and $fastcgi_path
+fastcgi_split_path_info ^(.+\.php)(/.+)$;
+
+# Check that the PHP script exists before passing it
+try_files $fastcgi_script_name =404;
+
+# Bypass the fact that try_files resets $fastcgi_path_info
+# see: http://trac.nginx.org/nginx/ticket/321
+set $path_info $fastcgi_path_info;
+fastcgi_param PATH_INFO $path_info;
+
+fastcgi_index index.php;
+include fastcgi.conf;

streaming/nginx/snippets/snakeoil.conf

@@ -0,0 +1,5 @@
+# Self signed certificates generated by the ssl-cert package
+# Don't use them in a production server!
+
+ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
+ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;

streaming/nginx/uwsgi_params

@@ -0,0 +1,16 @@
+
+uwsgi_param  QUERY_STRING       $query_string;
+uwsgi_param  REQUEST_METHOD     $request_method;
+uwsgi_param  CONTENT_TYPE       $content_type;
+uwsgi_param  CONTENT_LENGTH     $content_length;
+
+uwsgi_param  REQUEST_URI        $request_uri;
+uwsgi_param  PATH_INFO          $document_uri;
+uwsgi_param  DOCUMENT_ROOT      $document_root;
+uwsgi_param  SERVER_PROTOCOL    $server_protocol;
+uwsgi_param  HTTPS              $https if_not_empty;
+
+uwsgi_param  REMOTE_ADDR        $remote_addr;
+uwsgi_param  REMOTE_PORT        $remote_port;
+uwsgi_param  SERVER_PORT        $server_port;
+uwsgi_param  SERVER_NAME        $server_name;

streaming/nginx/win-utf

@@ -0,0 +1,125 @@
+# This map is not a full windows-1251 <> utf8 map: it does not
+# contain Serbian and Macedonian letters.	If you need a full map,
+# use contrib/unicode2nginx/win-utf map instead.
+
+charset_map	windows-1251	utf-8 {
+
+	82	E2809A; # single low-9 quotation mark
+
+	84	E2809E; # double low-9 quotation mark
+	85	E280A6; # ellipsis
+	86	E280A0; # dagger
+	87	E280A1; # double dagger
+	88	E282AC; # euro
+	89	E280B0; # per mille
+
+	91	E28098; # left single quotation mark
+	92	E28099; # right single quotation mark
+	93	E2809C; # left double quotation mark
+	94	E2809D; # right double quotation mark
+	95	E280A2; # bullet
+	96	E28093; # en dash
+	97	E28094; # em dash
+
+	99	E284A2; # trade mark sign
+
+	A0	C2A0;   # &nbsp;
+	A1	D18E;   # capital Byelorussian short U
+	A2	D19E;   # small Byelorussian short u
+
+	A4	C2A4;   # currency sign
+	A5	D290;   # capital Ukrainian soft G
+	A6	C2A6;   # borken bar
+	A7	C2A7;   # section sign
+	A8	D081;   # capital YO
+	A9	C2A9;   # (C)
+	AA	D084;   # capital Ukrainian YE
+	AB	C2AB;   # left-pointing double angle quotation mark
+	AC	C2AC;   # not sign
+	AD	C2AD;   # soft hypen
+	AE	C2AE;   # (R)
+	AF	D087;   # capital Ukrainian YI
+
+	B0	C2B0;   # &deg;
+	B1	C2B1;   # plus-minus sign
+	B2	D086;   # capital Ukrainian I
+	B3	D196;   # small Ukrainian i
+	B4	D291;   # small Ukrainian soft g
+	B5	C2B5;   # micro sign
+	B6	C2B6;   # pilcrow sign
+	B7	C2B7;   # &middot;
+	B8	D191;   # small yo
+	B9	E28496; # numero sign
+	BA	D194;   # small Ukrainian ye
+	BB	C2BB;   # right-pointing double angle quotation mark
+
+	BF	D197;   # small Ukrainian yi
+
+	C0	D090;   # capital A
+	C1	D091;   # capital B
+	C2	D092;   # capital V
+	C3	D093;   # capital G
+	C4	D094;   # capital D
+	C5	D095;   # capital YE
+	C6	D096;   # capital ZH
+	C7	D097;   # capital Z
+	C8	D098;   # capital I
+	C9	D099;   # capital J
+	CA	D09A;   # capital K
+	CB	D09B;   # capital L
+	CC	D09C;   # capital M
+	CD	D09D;   # capital N
+	CE	D09E;   # capital O
+	CF	D09F;   # capital P
+
+	D0	D0A0;   # capital R
+	D1	D0A1;   # capital S
+	D2	D0A2;   # capital T
+	D3	D0A3;   # capital U
+	D4	D0A4;   # capital F
+	D5	D0A5;   # capital KH
+	D6	D0A6;   # capital TS
+	D7	D0A7;   # capital CH
+	D8	D0A8;   # capital SH
+	D9	D0A9;   # capital SHCH
+	DA	D0AA;   # capital hard sign
+	DB	D0AB;   # capital Y
+	DC	D0AC;   # capital soft sign
+	DD	D0AD;   # capital E
+	DE	D0AE;   # capital YU
+	DF	D0AF;   # capital YA
+
+	E0	D0B0;   # small a
+	E1	D0B1;   # small b
+	E2	D0B2;   # small v
+	E3	D0B3;   # small g
+	E4	D0B4;   # small d
+	E5	D0B5;   # small ye
+	E6	D0B6;   # small zh
+	E7	D0B7;   # small z
+	E8	D0B8;   # small i
+	E9	D0B9;   # small j
+	EA	D0BA;   # small k
+	EB	D0BB;   # small l
+	EC	D0BC;   # small m
+	ED	D0BD;   # small n
+	EE	D0BE;   # small o
+	EF	D0BF;   # small p
+
+	F0	D180;   # small r
+	F1	D181;   # small s
+	F2	D182;   # small t
+	F3	D183;   # small u
+	F4	D184;   # small f
+	F5	D185;   # small kh
+	F6	D186;   # small ts
+	F7	D187;   # small ch
+	F8	D188;   # small sh
+	F9	D189;   # small shch
+	FA	D18A;   # small hard sign
+	FB	D18B;   # small y
+	FC	D18C;   # small soft sign
+	FD	D18D;   # small e
+	FE	D18E;   # small yu
+	FF	D18F;   # small ya
+}