Add gitolite/cgit git hosting

1 files changed, 48 insertions, 0 deletions

diff --git a/nginx.conf b/nginx.conf
index f3400cc..b4245fa 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -322,5 +322,53 @@ http {
             root         /usr/share/nginx/html;
         }
     }
+
+    server {
+        listen       443 ssl http2;
+        listen       [::]:443 ssl http2;
+        server_name  git.jaseg.net;
+        root         /usr/share/nginx/html;
+
+        ssl_certificate "/etc/letsencrypt/live/git.jaseg.net/fullchain.pem";
+        ssl_certificate_key "/etc/letsencrypt/live/git.jaseg.net/privkey.pem";
+        ssl_dhparam "/etc/letsencrypt/ssl-dhparams.pem";
+        include /etc/letsencrypt/options-ssl-nginx.conf;
+
+        ssl_stapling on;
+        ssl_stapling_verify on;
+
+        resolver 67.207.67.2 67.207.67.3 valid=300s;
+        resolver_timeout 10s;
+
+        add_header Strict-Transport-Security "max-age=86400";
+
+        # Load configuration files for the default server block.
+        include /etc/nginx/default.d/*.conf;
+
+        location ~ ^/(cgit.css|robots.txt) {
+            root /usr/share/cgit;
+            expires 30d;
+        }
+
+        location ~ ^/(cgit.png|favicon.png) {
+            alias /var/www/git.jaseg.net/cgit.png;
+        }
+
+        location / {
+            include uwsgi_params;
+            uwsgi_modifier1 9;
+            uwsgi_pass unix:/run/uwsgi/cgit.socket;
+        }
+
+        error_page 404 /404.html;
+        location = /40x.html {
+            root /usr/share/nginx/html;
+        }
+
+        error_page 500 502 503 504 /50x.html;
+        location = /50x.html {
+            root /usr/share/nginx/html;
+        }
+    }
 }