2021-01-07 10:16:24 -07:00
|
|
|
#
|
|
|
|
# Default SECURED server block with LetsEncrypt support
|
|
|
|
#
|
2019-10-16 23:44:47 -06:00
|
|
|
|
|
|
|
server {
|
2019-10-17 00:52:55 -06:00
|
|
|
listen 80;
|
2019-10-16 23:44:47 -06:00
|
|
|
include /etc/nginx/server_names.conf;
|
|
|
|
|
2019-10-17 00:52:55 -06:00
|
|
|
# default redirect to properly formed HTTPS location
|
|
|
|
location / {
|
2019-10-17 21:43:28 -06:00
|
|
|
return 301 https://$host:<HTTPS_PORT>$request_uri;
|
2019-10-17 00:52:55 -06:00
|
|
|
}
|
2021-01-07 10:16:24 -07:00
|
|
|
|
2019-10-17 00:52:55 -06:00
|
|
|
# process Let's Encrypt challenges
|
|
|
|
location ^~ /.well-known/acme-challenge {
|
|
|
|
# log requests for security reasons
|
2021-01-07 10:16:24 -07:00
|
|
|
access_log /var/log/nginx/access.log main;
|
|
|
|
error_log /var/log/nginx/error.log warn;
|
2019-10-17 00:52:55 -06:00
|
|
|
|
|
|
|
default_type text/plain;
|
2021-01-07 10:16:24 -07:00
|
|
|
root /usr/share/nginx/letsencrypt;
|
2019-10-17 00:52:55 -06:00
|
|
|
autoindex on;
|
|
|
|
}
|
|
|
|
|
2019-10-17 01:23:11 -06:00
|
|
|
# error pages
|
|
|
|
include /etc/nginx/errorpages.conf;
|
|
|
|
}
|
|
|
|
|
2019-10-17 00:52:55 -06:00
|
|
|
server {
|
2019-10-17 16:34:10 -06:00
|
|
|
listen 443 ssl http2;
|
2019-10-17 00:52:55 -06:00
|
|
|
include /etc/nginx/server_names.conf;
|
|
|
|
|
|
|
|
# ssl certificates
|
|
|
|
include /etc/nginx/ssl_certs.conf;
|
|
|
|
|
2019-10-16 23:44:47 -06:00
|
|
|
location / {
|
2021-01-07 10:16:24 -07:00
|
|
|
try_files $uri $uri/ =404;
|
2019-10-16 23:44:47 -06:00
|
|
|
}
|
2019-10-17 01:23:11 -06:00
|
|
|
|
|
|
|
# error pages
|
|
|
|
include /etc/nginx/errorpages.conf;
|
2021-01-07 10:16:24 -07:00
|
|
|
}
|