From 2d3756eb4e627d0b5f557afcb8d02cd1a9ea386e Mon Sep 17 00:00:00 2001
From: jaseg <code@jaseg.net>
Date: Fri, 5 Jun 2020 16:28:39 +0200
Subject: deploy: Add dyndns service

---
 nginx.conf | 38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

(limited to 'nginx.conf')

diff --git a/nginx.conf b/nginx.conf
index b4245fa..744bd01 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -370,5 +370,43 @@ http {
             root /usr/share/nginx/html;
         }
     }
+
+    server {
+        listen       443 ssl http2;
+        listen       [::]:443 ssl http2;
+        server_name  dyndns.jaseg.de;
+        root         /usr/share/nginx/html;
+
+        ssl_certificate "/etc/letsencrypt/live/dyndns.jaseg.de/fullchain.pem";
+        ssl_certificate_key "/etc/letsencrypt/live/dyndns.jaseg.de/privkey.pem";
+        ssl_dhparam "/etc/letsencrypt/ssl-dhparams.pem";
+        include /etc/letsencrypt/options-ssl-nginx.conf;
+
+        ssl_stapling on;
+        ssl_stapling_verify on;
+
+        resolver 67.207.67.2 67.207.67.3 valid=300s;
+        resolver_timeout 10s;
+
+        add_header Strict-Transport-Security "max-age=86400";
+
+        # Load configuration files for the default server block.
+        include /etc/nginx/default.d/*.conf;
+
+        location / {
+            include uwsgi_params;
+            uwsgi_pass unix:/run/uwsgi/dyndns.socket;
+        }
+
+        error_page 404 /404.html;
+        location = /40x.html {
+            root         /usr/share/nginx/html;
+        }
+
+        error_page 500 502 503 504 /50x.html;
+        location = /50x.html {
+            root         /usr/share/nginx/html;
+        }
+    }
 }
 
-- 
cgit