diff options
Diffstat (limited to 'gerboweb/deploy/nginx.conf')
-rw-r--r-- | gerboweb/deploy/nginx.conf | 50 |
1 files changed, 46 insertions, 4 deletions
diff --git a/gerboweb/deploy/nginx.conf b/gerboweb/deploy/nginx.conf index 744bd01..d46c394 100644 --- a/gerboweb/deploy/nginx.conf +++ b/gerboweb/deploy/nginx.conf @@ -88,7 +88,6 @@ http { listen 443 ssl http2; listen [::]:443 ssl http2; server_name blog.jaseg.net; - root /usr/share/nginx/html; ssl_certificate "/etc/letsencrypt/live/blog.jaseg.net/fullchain.pem"; ssl_certificate_key "/etc/letsencrypt/live/blog.jaseg.net/privkey.pem"; @@ -103,11 +102,33 @@ http { add_header Strict-Transport-Security "max-age=86400"; + return 301 https://blog.jaseg.de$request_uri; + } + + server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name blog.jaseg.de; + root /usr/share/nginx/html; + + ssl_certificate "/etc/letsencrypt/live/blog.jaseg.de/fullchain.pem"; + ssl_certificate_key "/etc/letsencrypt/live/blog.jaseg.de/privkey.pem"; + ssl_dhparam "/etc/letsencrypt/ssl-dhparams.pem"; + include /etc/letsencrypt/options-ssl-nginx.conf; + + ssl_stapling on; + ssl_stapling_verify on; + + resolver 67.207.67.2 67.207.67.3 valid=300s; + resolver_timeout 10s; + + add_header Strict-Transport-Security "max-age=86400"; + # Load configuration files for the default server block. include /etc/nginx/default.d/*.conf; location / { - root /var/www/blog.jaseg.net; + root /var/www/blog.jaseg.de; } location /d/ { @@ -327,7 +348,6 @@ http { listen 443 ssl http2; listen [::]:443 ssl http2; server_name git.jaseg.net; - root /usr/share/nginx/html; ssl_certificate "/etc/letsencrypt/live/git.jaseg.net/fullchain.pem"; ssl_certificate_key "/etc/letsencrypt/live/git.jaseg.net/privkey.pem"; @@ -342,6 +362,28 @@ http { add_header Strict-Transport-Security "max-age=86400"; + return 301 https://git.jaseg.de$request_uri; + } + + server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name git.jaseg.de; + root /usr/share/nginx/html; + + ssl_certificate "/etc/letsencrypt/live/git.jaseg.de/fullchain.pem"; + ssl_certificate_key "/etc/letsencrypt/live/git.jaseg.de/privkey.pem"; + ssl_dhparam "/etc/letsencrypt/ssl-dhparams.pem"; + include /etc/letsencrypt/options-ssl-nginx.conf; + + ssl_stapling on; + ssl_stapling_verify on; + + resolver 67.207.67.2 67.207.67.3 valid=300s; + resolver_timeout 10s; + + add_header Strict-Transport-Security "max-age=86400"; + # Load configuration files for the default server block. include /etc/nginx/default.d/*.conf; @@ -351,7 +393,7 @@ http { } location ~ ^/(cgit.png|favicon.png) { - alias /var/www/git.jaseg.net/cgit.png; + alias /var/www/git.jaseg.de/cgit.png; } location / { |