-upstream vps76.heliohost.us {
+upstream deveast.linode.poczatek.dev {
keepalive 100;
server 127.0.0.1:20000;
# server unix:/tmp/sanic.sock;
}
server {
- server_name vps76.heliohost.us;
+ server_name deveast.linode.poczatek.dev;
# listen 443 ssl http2 default_server;
- listen [::]:443 ssl http2 default_server;
+ # listen [::]:443 ssl http2 default_server;
+ listen [::]:80 ipv6only=on default_server;
# Serve static files if found, otherwise proxy to Sanic
location / {
root /var/www;
proxy_request_buffering off;
proxy_buffering off;
# Proxy forwarding (password configured in app.config.FORWARDED_SECRET)
- proxy_set_header forwarded "$proxy_forwarded;secret=\"REDACTED\"";
+ proxy_set_header forwarded "$proxy_forwarded;secret=\"secret\"";
# Allow websockets and keep-alive (avoid connection: close)
proxy_set_header connection "upgrade";
proxy_set_header upgrade $http_upgrade;
}
-
# default favicon
location = /favicon.ico {
alias /www/ntserv/static/favicon.gif;
}
- listen 80; # managed by Certbot
-
- listen 443 ssl; # managed by Certbot
- ssl_certificate /etc/letsencrypt/live/vps76.heliohost.us/fullchain.pem; # managed by Certbot
- ssl_certificate_key /etc/letsencrypt/live/vps76.heliohost.us/privkey.pem; # managed by Certbot
- include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
- ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
-
}
-
-# Redirect all HTTP to HTTPS with no-WWW
-server {
- listen 80 default_server;
- listen [::]:80 default_server;
- server_name ~^(?:www\.)?(.*)$;
- return 301 https://$1$request_uri;
-}
-
-# Redirect WWW to no-WWW
-server {
- listen 443 ssl http2;
- listen [::]:443 ssl http2;
- server_name ~^www\.(.*)$;
- return 301 $scheme://$1$request_uri;
-}
-
-
projects / nutratech / vps-root.git / commitdiff