}
# API
-server {
- # Service: API | https://api.nutra.tk
- server_name api.nutra.tk;
- #listen 80;
- listen 443 ssl;
- listen 443 quic;
- listen [::]:443 quic;
- http2 on;
- http3 on;
- add_header Alt-Svc 'h3=":443"; ma=86400' always;
- # HSTS
- add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
- ssl_trusted_certificate /etc/ssl/private/ca-certs.pem;
-
- # Sanic
- location / {
- proxy_pass http://127.0.0.1:20000; # API server
- # Allow fast streaming HTTP/1.1 pipes (keep-alive, unbuffered)
- proxy_http_version 1.1;
- proxy_request_buffering off;
- proxy_buffering off;
- # Proxy forwarding (password configured in app.config.FORWARDED_SECRET)
- # and stored in: /etc/nginx/conf.d/secrets.conf
- proxy_set_header forwarded "$proxy_forwarded;secret=\"$proxy_secret_key\"";
- # Allow websockets and keep-alive (avoid connection: close)
- proxy_set_header connection "upgrade";
- proxy_set_header upgrade $http_upgrade;
- }
-
- # default favicon
- location /favicon.ico {
- alias /var/www/favicon.gif;
- }
-}
-
-
-# Store Front (MedusaJS)
-server {
- # Service: Store | https://store.nutra.tk
- server_name store.nutra.tk;
- #listen 80;
- listen 443 ssl;
- listen 443 quic;
- listen [::]:443 quic;
- http2 on;
- http3 on;
- add_header Alt-Svc 'h3=":443"; ma=86400' always;
- add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
- ssl_trusted_certificate /etc/ssl/private/ca-certs.pem;
- location / {
- proxy_pass http://localhost:8000;
- }
-}
-
-# Store [Admin UI] (MedusaJS)
-server {
- # Service: Store Admin | https://store-admin-8b56411b.nutra.tk
- server_name store-api.nutra.tk store-admin-8b56411b.nutra.tk;
- #listen 80;
- listen 443 ssl;
- listen 443 quic;
- listen [::]:443 quic;
- http2 on;
- http3 on;
- add_header Alt-Svc 'h3=":443"; ma=86400' always;
- add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
- ssl_trusted_certificate /etc/ssl/private/ca-certs.pem;
- location / {
- proxy_pass http://localhost:9000;
- }
-}
+# API (Disabled in Prod)
+#server {
+# # Service: API | https://api.nutra.tk
+# server_name api.nutra.tk;
+# #listen 80;
+# listen 443 ssl;
+# listen 443 quic;
+# listen [::]:443 quic;
+# http2 on;
+# http3 on;
+# add_header Alt-Svc 'h3=":443"; ma=86400' always;
+# # HSTS
+# add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+# ssl_trusted_certificate /etc/ssl/private/ca-certs.pem;
+#
+# # Sanic
+# location / {
+# proxy_pass http://127.0.0.1:20000; # API server
+# # Allow fast streaming HTTP/1.1 pipes (keep-alive, unbuffered)
+# proxy_http_version 1.1;
+# proxy_request_buffering off;
+# proxy_buffering off;
+# # Proxy forwarding (password configured in app.config.FORWARDED_SECRET)
+# # and stored in: /etc/nginx/conf.d/secrets.conf
+# proxy_set_header forwarded "$proxy_forwarded;secret=\"$proxy_secret_key\"";
+# # Allow websockets and keep-alive (avoid connection: close)
+# proxy_set_header connection "upgrade";
+# proxy_set_header upgrade $http_upgrade;
+# }
+#
+# # default favicon
+# location /favicon.ico {
+# alias /var/www/favicon.gif;
+# }
+#}
+
+
+# Store Front (MedusaJS) - Disabled in Prod
+#server {
+# # Service: Store | https://store.nutra.tk
+# server_name store.nutra.tk;
+# #listen 80;
+# listen 443 ssl;
+# listen 443 quic;
+# listen [::]:443 quic;
+# http2 on;
+# http3 on;
+# add_header Alt-Svc 'h3=":443"; ma=86400' always;
+# add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+# ssl_trusted_certificate /etc/ssl/private/ca-certs.pem;
+# location / {
+# proxy_pass http://localhost:8000;
+# }
+#}
+
+# Store [Admin UI] (MedusaJS) - Disabled in Prod
+#server {
+# # Service: Store Admin | https://store-admin-8b56411b.nutra.tk
+# server_name store-api.nutra.tk store-admin-8b56411b.nutra.tk;
+# #listen 80;
+# listen 443 ssl;
+# listen 443 quic;
+# listen [::]:443 quic;
+# http2 on;
+# http3 on;
+# add_header Alt-Svc 'h3=":443"; ma=86400' always;
+# add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+# ssl_trusted_certificate /etc/ssl/private/ca-certs.pem;
+# location / {
+# proxy_pass http://localhost:9000;
+# }
+#}
# UI, blog, favicon, default server
projects / nutratech / vps-root.git / commitdiff