summaryrefslogtreecommitdiff
path: root/playbooks.d/webserver-nginx
diff options
context:
space:
mode:
authorPatrick Spek <p.spek@tyil.nl>2022-04-25 14:30:06 +0200
committerPatrick Spek <p.spek@tyil.nl>2022-04-25 14:30:06 +0200
commitb8f5d5769068ee6e34fa1c82a740a6d16d9836ad (patch)
tree1009ac107de45bdadcc4b3999376aeee7b707c74 /playbooks.d/webserver-nginx
parent49426ab14f71318404931a81cf2bc5cbd2f177cc (diff)
Add fedi.tyil.nl as a potential website
Diffstat (limited to 'playbooks.d/webserver-nginx')
-rw-r--r--playbooks.d/webserver-nginx/share/sites.d/http/nl.tyil.fedi13
-rw-r--r--playbooks.d/webserver-nginx/share/sites.d/https/nl.tyil.fedi62
2 files changed, 75 insertions, 0 deletions
diff --git a/playbooks.d/webserver-nginx/share/sites.d/http/nl.tyil.fedi b/playbooks.d/webserver-nginx/share/sites.d/http/nl.tyil.fedi
new file mode 100644
index 0000000..a736d91
--- /dev/null
+++ b/playbooks.d/webserver-nginx/share/sites.d/http/nl.tyil.fedi
@@ -0,0 +1,13 @@
+server {
+ listen 80;
+ listen [::]:80;
+
+ server_name fedi.tyil.nl;
+
+ include /etc/nginx/snippets.d/certbot.conf;
+ include /etc/nginx/snippets.d/headers.conf;
+
+ location / {
+ return 301 https://$host$request_uri;
+ }
+}
diff --git a/playbooks.d/webserver-nginx/share/sites.d/https/nl.tyil.fedi b/playbooks.d/webserver-nginx/share/sites.d/https/nl.tyil.fedi
new file mode 100644
index 0000000..8d4930e
--- /dev/null
+++ b/playbooks.d/webserver-nginx/share/sites.d/https/nl.tyil.fedi
@@ -0,0 +1,62 @@
+server {
+ listen 443 ssl http2; # managed by Certbot
+ listen [::]:443 ssl http2; # managed by Certbot
+
+ server_name fedi.tyil.nl;
+
+ ssl_certificate /etc/letsencrypt/live/fedi.tyil.nl/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/fedi.tyil.nl/privkey.pem;
+
+ include /etc/nginx/snippets.d/certbot.conf;
+ include /etc/nginx/snippets.d/ssl.conf;
+ include mime.types;
+
+ root /var/www/nl.tyil.fedi;
+ index index.php;
+
+ autoindex off;
+ fastcgi_param HTTPS on;
+ client_max_body_size 10m;
+ client_body_buffer_size 128k;
+
+ location / {
+ try_files $uri /index.php?pagename=$uri&$args;
+ }
+
+ location ^~ /.well-known/ {
+ allow all;
+ rewrite ^ /index.php?pagename=$uri;
+ }
+
+ location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|ttf|woff|svg)$ {
+ expires 30d;
+ try_files $uri /index.php?pagename=$uri&$args;
+ }
+
+ location ~* \.php$ {
+ try_files $uri =404;
+
+ fastcgi_split_path_info ^(.+\.php)(/.+)$;
+
+ fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
+
+ include /etc/nginx/snippets.d/fcgi.conf;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+
+ fastcgi_buffers 16 16k;
+ fastcgi_buffer_size 32k;
+ }
+
+ location ~* \.(tpl|md|tgz|log|out)$ {
+ deny all;
+ }
+
+ location ~ /\. {
+ deny all;
+ }
+
+ location ^~ /bin {
+ deny all;
+ }
+}
generated by cgit v1.1 at 2024-04-28 01:29:58 +0000