add_header Alt-Svc 'h3=":443"; ma=86400' always;
# HSTS
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+ ssl_trusted_certificate /etc/ssl/private/ca-certs.pem;
# Sanic
location / {
http2 on;
http3 on;
add_header Alt-Svc 'h3=":443"; ma=86400' always;
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+ ssl_trusted_certificate /etc/ssl/private/ca-certs.pem;
location / {
proxy_pass http://localhost:8000;
}
http2 on;
http3 on;
add_header Alt-Svc 'h3=":443"; ma=86400' always;
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+ ssl_trusted_certificate /etc/ssl/private/ca-certs.pem;
location / {
proxy_pass http://localhost:9000;
}
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+ # HTTP3 and Security Headers
+ add_header Alt-Svc 'h3=":443"; ma=86400' always;
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+ ssl_trusted_certificate /etc/ssl/private/ca-certs.pem;
+
return 301 https://dev.nutra.tk$request_uri;
}
http2 on;
http3 on;
add_header Alt-Svc 'h3=":443"; ma=86400' always;
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+ ssl_trusted_certificate /etc/ssl/private/ca-certs.pem;
server_name matrix.nutra.tk chat.nutra.tk;
location / {
server {
listen 8448 ssl default_server;
listen [::]:8448 ssl default_server;
+ listen 8448 quic default_server;
+ listen [::]:8448 quic default_server;
+ http2 on;
+ http3 on;
+ add_header Alt-Svc 'h3=":8448"; ma=86400' always;
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+ ssl_trusted_certificate /etc/ssl/private/ca-certs.pem;
server_name dev.nutra.tk;
location / {
add_header Alt-Svc 'h3=":443"; ma=86400' always;
# HSTS
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+ ssl_trusted_certificate /etc/ssl/private/ca-certs.pem;
# Sanic
location / {
http2 on;
http3 on;
add_header Alt-Svc 'h3=":443"; ma=86400' always;
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+ ssl_trusted_certificate /etc/ssl/private/ca-certs.pem;
location / {
proxy_pass http://localhost:8000;
}
http2 on;
http3 on;
add_header Alt-Svc 'h3=":443"; ma=86400' always;
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+ ssl_trusted_certificate /etc/ssl/private/ca-certs.pem;
location / {
proxy_pass http://localhost:9000;
}
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+ http2 on;
+ http3 on;
+ add_header Alt-Svc 'h3=":443"; ma=86400' always;
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+ ssl_trusted_certificate /etc/ssl/private/ca-certs.pem;
+
return 301 https://nutra.tk$request_uri;
}
http2 on;
http3 on;
add_header Alt-Svc 'h3=":443"; ma=86400' always;
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+ ssl_trusted_certificate /etc/ssl/private/ca-certs.pem;
server_name matrix.nutra.tk chat.nutra.tk;
location / {
server {
listen 8448 ssl default_server;
listen [::]:8448 ssl default_server;
+ listen 8448 quic default_server;
+ listen [::]:8448 quic default_server;
+ http2 on;
+ http3 on;
+ add_header Alt-Svc 'h3=":8448"; ma=86400' always;
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
+ ssl_trusted_certificate /etc/ssl/private/ca-certs.pem;
server_name nutra.tk;
location / {
projects / nutratech / vps-root.git / commitdiff