From: nutra-bot <nutradigest@gmail.com>
Date: Mon, 27 Jun 2022 06:10:09 +0000 (+0000)
Subject: wip
X-Git-Url: https://git.nutra.tk/v2?a=commitdiff_plain;h=d30f28f964b293d2bd289e1658092dabf8436170;p=nutratech%2Fvps-root.git

wip
---

diff --git a/etc/nginx/sites-available/default b/etc/nginx/sites-available/default
index 633be81..5ac4db9 100644
--- a/etc/nginx/sites-available/default
+++ b/etc/nginx/sites-available/default
@@ -1,13 +1,14 @@
-upstream vps76.heliohost.us {
+upstream deveast.linode.poczatek.dev {
   keepalive 100;
   server 127.0.0.1:20000;
   # server unix:/tmp/sanic.sock;
 }
 
 server {
-  server_name vps76.heliohost.us;
+  server_name deveast.linode.poczatek.dev;
   # listen 443 ssl http2 default_server;
-  listen [::]:443 ssl http2 default_server;
+  # listen [::]:443 ssl http2 default_server;
+  listen [::]:80 ipv6only=on default_server;
   # Serve static files if found, otherwise proxy to Sanic
   location / {
     root /var/www;
@@ -20,43 +21,16 @@ server {
     proxy_request_buffering off;
     proxy_buffering off;
     # Proxy forwarding (password configured in app.config.FORWARDED_SECRET)
-    proxy_set_header forwarded "$proxy_forwarded;secret=\"REDACTED\"";
+    proxy_set_header forwarded "$proxy_forwarded;secret=\"secret\"";
     # Allow websockets and keep-alive (avoid connection: close)
     proxy_set_header connection "upgrade";
     proxy_set_header upgrade $http_upgrade;
   }
 
-
   # default favicon
   location = /favicon.ico {
       alias /www/ntserv/static/favicon.gif;
   }
 
-    listen 80; # managed by Certbot
-
-    listen 443 ssl; # managed by Certbot
-    ssl_certificate /etc/letsencrypt/live/vps76.heliohost.us/fullchain.pem; # managed by Certbot
-    ssl_certificate_key /etc/letsencrypt/live/vps76.heliohost.us/privkey.pem; # managed by Certbot
-    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
-    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
-
 }
 
-
-# Redirect all HTTP to HTTPS with no-WWW
-server {
-  listen 80 default_server;
-  listen [::]:80 default_server;
-  server_name ~^(?:www\.)?(.*)$;
-  return 301 https://$1$request_uri;
-}
-
-# Redirect WWW to no-WWW
-server {
-  listen 443 ssl http2;
-  listen [::]:443 ssl http2;
-  server_name ~^www\.(.*)$;
-  return 301 $scheme://$1$request_uri;
-}
-
-