kopia lustrzana https://0xacab.org/rysiek/fasada
29 wiersze
872 B
Plaintext
29 wiersze
872 B
Plaintext
# require TLS, redirect to https://www.example.com/
|
|
server {
|
|
listen 80 default_server;
|
|
listen 443 ssl default_server;
|
|
server_name _;
|
|
|
|
# tls letsencrypt stateless acme config
|
|
# no need for webroot and stuff
|
|
#
|
|
# this is described for acme.sh,
|
|
# but should work with any LE client
|
|
# https://github.com/Neilpang/acme.sh/wiki/Stateless-Mode
|
|
location ~ "^/\.well-known/acme-challenge/([-_a-zA-Z0-9]+)$" {
|
|
default_type text/plain;
|
|
return 200 "$1.<ACME_THUMBPRINT>";
|
|
}
|
|
|
|
|
|
# ssl keycert
|
|
ssl_certificate /srv/data/ssl/sites/www.example.com.cert;
|
|
ssl_certificate_key /srv/data/ssl/sites/www.example.com.key;
|
|
|
|
location / {
|
|
return 301 https://www.example.com/;
|
|
}
|
|
access_log /srv/logs/nginx/catchall.access.log combined;
|
|
error_log /srv/logs/nginx/catchall.error.log error;
|
|
}
|