summaryrefslogtreecommitdiffhomepage
path: root/nginx
diff options
context:
space:
mode:
Diffstat (limited to 'nginx')
-rw-r--r--nginx/acme-challange.conf9
-rw-r--r--nginx/proxy.conf23
2 files changed, 32 insertions, 0 deletions
diff --git a/nginx/acme-challange.conf b/nginx/acme-challange.conf
new file mode 100644
index 00000000..66ed996e
--- /dev/null
+++ b/nginx/acme-challange.conf
@@ -0,0 +1,9 @@
+server {
+ listen 80 default;
+ listen [::]:80;
+ server_name nsfisis.dev;
+
+ location ^~ /.well-known/acme-challenge {
+ root /var/letsencrypt/www;
+ }
+}
diff --git a/nginx/proxy.conf b/nginx/proxy.conf
new file mode 100644
index 00000000..6725c4c4
--- /dev/null
+++ b/nginx/proxy.conf
@@ -0,0 +1,23 @@
+server {
+ listen 443 ssl;
+ listen [::]:443 ssl;
+ server_name blog.nsfisis.dev;
+
+ ssl_certificate /etc/letsencrypt/live/nsfisis.dev/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/nsfisis.dev/privkey.pem;
+ ssl_session_timeout 1d;
+ ssl_session_cache shared:SSL:10m;
+ ssl_session_tickets off;
+
+ proxy_redirect off;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-Host $host;
+ proxy_set_header X-Forwarded-Server $host;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+ location / {
+ proxy_pass http://blog_nsfisis_nginx:80;
+ }
+}
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2025-12-01 02:46:47 +0000