[+] update nginx config

1. add drop_by_user_agent section
    for ssl servers;
  1.1. ban traffic from openai.com/gptbot;

d1/nginx_config.py

@@ -1,4 +1,5 @@
 import json
+import re
 import socket
 import os
 import io
@@ -312,6 +313,11 @@ server {
     deny all;
   }
 
+  location ~ ^/.well-known/acme-challenge/ {
+    alias /var/www/;
+    try_files $uri =404;
+  }
+
   location ~ {
     deny all;
   }
@@ -374,6 +380,23 @@ server {
         else:
           http_location = location_forward_ssl
 
+        drop_by_user_agent = ''
+
+        if not server.get('drop_by_user_agent') is None:
+          r = re.compile('^([a-zA-Z0-9\s\.\,\(\)]+)$')
+          user_agent_list = [
+            r.match(o)[1]
+            for o in server.get('drop_by_user_agent')
+          ]
+          drop_by_user_agent = r'''
+          if ( $http_user_agent ~ ({user_agent_list}) ) {
+            return 444;
+          }
+          '''.replace(
+            '{user_agent_list}',
+            '|'.join(user_agent_list)
+          )
+
         servers.append(
             r'''
 server {
@@ -410,6 +433,8 @@ server {
   ssl_certificate {signed_chain_cert};
   ssl_certificate_key {domain_key};
 
+  {drop_by_user_agent}
+
   location ^~ / {
     proxy_set_header Host $http_host;
     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@@ -430,6 +455,8 @@ server {
                   '{client_max_body_size}', server['client_max_body_size'],
               ).replace(
                   '{domain_key}', server['domain_key'],
+              ).replace(
+                  '{drop_by_user_agent}', drop_by_user_agent,
               ).replace(
                   '{ssl_port}', '%d' % ssl_port,
               ).replace(