fix

diff --git a/etc/nginx/sites-available/default b/etc/nginx/sites-available/default
index af5e21d3844436b43b447ac7d6e37112379a29d8..aee0d498ec11531bcf8f9418f87804fdf40a0545 100644 (file)
--- a/etc/nginx/sites-available/default
+++ b/etc/nginx/sites-available/default
@@ -1,13 +1,13 @@
-upstream deveast.linode.poczatek.dev {
+upstream dev.nutra.tk {
   keepalive 100;
   server 127.0.0.1:20000;
   # server unix:/tmp/sanic.sock;
 }
 
 server {
-  server_name deveast.linode.poczatek.dev;
-  # listen 443 ssl http2 default_server;
-  listen [::]:443 ssl http2 default_server;
+  server_name dev.nutra.tk;
+  listen 443 ssl http2 default_server;
+  listen [::]:443 ssl ipv6only=on; # managed by Certbot
 
 
   # React app (base URL)
@@ -57,44 +57,20 @@ server {
   }
 
 
-  listen 443 ssl; # managed by Certbot
-    ssl_certificate /etc/letsencrypt/live/deveast.linode.poczatek.dev/fullchain.pem; # managed by Certbot
-    ssl_certificate_key /etc/letsencrypt/live/deveast.linode.poczatek.dev/privkey.pem; # managed by Certbot
+  ssl_certificate /etc/letsencrypt/live/deveast.linode.poczatek.dev/fullchain.pem; # managed by Certbot
+  ssl_certificate_key /etc/letsencrypt/live/deveast.linode.poczatek.dev/privkey.pem; # managed by Certbot
   include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
   ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
 
 }
 
 
-# TODO: if is evil
-# https://wordpress.org/support/article/nginx/
-# http://wiki.nginx.org/IfIsEvil
-server {
-  server_name deveast.linode.poczatek.dev;
-
-
-  # CertBot
-  if ($host = deveast.linode.poczatek.dev) {
-    return 301 https://$host$request_uri;
-  } # managed by Certbot
-
-  listen 80;
-  return 404; # managed by Certbot
-}
-
-
 # Redirect all HTTP to HTTPS with no-WWW
 server {
+  listen 80 default_server;
+  listen [::]:80 default_server;
   server_name ~^(?:www\.)?(.*)$;
   return 301 https://$1$request_uri;
-
-    listen [::]:443 ssl ipv6only=on; # managed by Certbot
-    listen 443 ssl; # managed by Certbot
-    ssl_certificate /etc/letsencrypt/live/deveast.linode.poczatek.dev/fullchain.pem; # managed by Certbot
-    ssl_certificate_key /etc/letsencrypt/live/deveast.linode.poczatek.dev/privkey.pem; # managed by Certbot
-    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
-    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
-
 }
 
 
@@ -106,16 +82,18 @@ server {
   return 301 $scheme://$1$request_uri;
 }
 
-server {
-    if ($host = dev.nutra.tk) {
-        return 301 https://$host$request_uri;
-    } # managed by Certbot
 
+# TODO: if is evil
+# https://wordpress.org/support/article/nginx/
+# http://wiki.nginx.org/IfIsEvil
+server {
+  if ($host = deveast.linode.poczatek.dev) {
+    return 301 https://$host$request_uri;
+  } # managed by Certbot
 
-  listen 80 default_server;
-  listen [::]:80 default_server;
-  server_name ~^(?:www\.)?(.*)$;
-    return 404; # managed by Certbot
 
+  if ($host = dev.nutra.tk) {
+    return 301 https://$host$request_uri;
+  } # managed by Certbot
+}
 
-}
\ No newline at end of file

diff --git a/etc/systemd/system/ntserv.service b/etc/systemd/system/ntserv.service
index 2b83a17c1f983e7b998a60e230985a7e46d7421a..3c275fb2891e4f8aba7e9f01d4fd52246bf54f32 100644 (file)
--- a/etc/systemd/system/ntserv.service
+++ b/etc/systemd/system/ntserv.service
@@ -5,7 +5,7 @@ Description=Nutra Server (Sanic / PostgreSQL)
 User=sanic
 ExecStart=/usr/bin/env python3 -m ntserv
 Restart=always
-Environment="NTSERV_ENV=dev" "NTSERV_SERVER_HOST=https://deveast.linode.poczatek.dev" "NTSERV_N_WORKERS=2" "NTSERV_PSQL_PASSWORD=REDACTED" "NTSERV_JWT_SECRET=secret" "NTSERV_PROXY_SECRET=secret"
+Environment="NTSERV_ENV=dev" "NTSERV_SERVER_HOST=https://dev.nutra.tk" "NTSERV_N_WORKERS=2" "NTSERV_PSQL_PASSWORD=REDACTED" "NTSERV_JWT_SECRET=secret" "NTSERV_PROXY_SECRET=secret"
 
 [Install]
 WantedBy=multi-user.target