tengel/www
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
www/etc/nginx/sites-available/airlocksix.com.conf

181 lines
5.8 KiB
Text
Raw Blame History

# airlocksix.com
# www.airlocksix.com
# airlock6.com
# www.airlock6.com
### airlocksix
server {
server_name airlocksix.com;
root /var/xyzzy/html/airlocksix;
index index.html;
location / {
try_files $uri $uri/ =404;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/airlocksix.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/airlocksix.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# https://observatory.mozilla.org
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
add_header X-XSS-Protection "1; mode=block";
add_header Referrer-Policy "strict-origin-when-cross-origin";
add_header Content-Security-Policy "default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self';";
}
server {
server_name www.airlocksix.com;
root /var/xyzzy/html/airlocksix;
index index.html;
location ~ /\.well-known {
allow all;
}
location ~ / {
return 301 $scheme://airlocksix.com$request_uri;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/airlocksix.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/airlocksix.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# https://observatory.mozilla.org
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
add_header X-XSS-Protection "1; mode=block";
add_header Referrer-Policy "strict-origin-when-cross-origin";
add_header Content-Security-Policy "default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self';";
}
server {
if ($host = airlocksix.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name airlocksix.com;
root /var/xyzzy/html/airlocksix;
index index.html;
return 404; # managed by Certbot
}
server {
if ($host = www.airlocksix.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name www.airlocksix.com;
root /var/xyzzy/html/airlocksix;
index index.html;
return 404; # managed by Certbot
}
### airlock6
server {
server_name airlock6.com;
root /var/xyzzy/html/airlocksix;
index index.html;
location ~ /\.well-known {
allow all;
}
location ~ / {
return 301 $scheme://airlocksix.com$request_uri;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/airlocksix.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/airlocksix.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# https://observatory.mozilla.org
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
add_header X-XSS-Protection "1; mode=block";
add_header Referrer-Policy "strict-origin-when-cross-origin";
add_header Content-Security-Policy "default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self';";
}
server {
server_name www.airlock6.com;
root /var/xyzzy/html/airlocksix;
index index.html;
location ~ /\.well-known {
allow all;
}
location ~ / {
return 301 $scheme://airlocksix.com$request_uri;
}
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/airlocksix.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/airlocksix.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
# https://ssl-config.mozilla.org/
add_header Strict-Transport-Security "max-age=15724800" always;
# https://observatory.mozilla.org
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
add_header X-XSS-Protection "1; mode=block";
add_header Referrer-Policy "strict-origin-when-cross-origin";
add_header Content-Security-Policy "default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; base-uri 'self'; form-action 'self'; frame-ancestors 'self';";
}
server {
if ($host = airlock6.com) {
return 301 https://airlocksix.com$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name airlock6.com;
root /var/xyzzy/html/airlocksix;
index index.html;
return 404; # managed by Certbot
}
server {
if ($host = www.airlock6.com) {
return 301 https://airlocksix.com$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name www.airlock6.com;
root /var/xyzzy/html/airlocksix;
index index.html;
return 404; # managed by Certbot
}
Reference in a new issue View git blame Copy permalink