diff options
author | Patrick Spek <p.spek@tyil.nl> | 2022-04-18 08:53:56 +0200 |
---|---|---|
committer | Patrick Spek <p.spek@tyil.nl> | 2022-04-18 08:53:56 +0200 |
commit | f64cadd81fbaebeb8496f3cd9053764fec06a64e (patch) | |
tree | 33a2c3bb7fb6c37da2b0266f7b7084dec5c4bcf0 /playbooks.d/webserver/share/sites.d/https/nl.tyil.home | |
parent | 342d8ef5e1d988877efbd1bc5d333640d7523570 (diff) |
Various fixes to make the webserver playbook work
Diffstat (limited to 'playbooks.d/webserver/share/sites.d/https/nl.tyil.home')
-rw-r--r-- | playbooks.d/webserver/share/sites.d/https/nl.tyil.home | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/playbooks.d/webserver/share/sites.d/https/nl.tyil.home b/playbooks.d/webserver/share/sites.d/https/nl.tyil.home new file mode 100644 index 0000000..9683ccd --- /dev/null +++ b/playbooks.d/webserver/share/sites.d/https/nl.tyil.home @@ -0,0 +1,52 @@ +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + + server_name home.tyil.nl; + + ssl_certificate /etc/letsencrypt/live/home.tyil.nl/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/home.tyil.nl/privkey.pem; + + include /etc/nginx/snippets.d/certbot.conf; + include /etc/nginx/snippets.d/headers.conf; + include /etc/nginx/snippets.d/ssl.conf; + + location / { + return 301 https://www.tyil.nl$request_uri; + } + + location ~ ^/~(.+?)(/.*)?$ { + alias /home/$1/www$2; + autoindex on; + } + + location /git { + rewrite ^/git/(.*)$ https://git.tyil.nl/$1 redirect; + } + + location /media { + alias /var/media; + + satisfy any; + + allow 127.0.0.1; + allow 10.57.0.0/16; + allow 192.168.178.0/24; + deny all; + + auth_basic "pls no hack"; + auth_basic_user_file "/var/media/.htpasswd"; + + autoindex on; + } + + location /media/backups { deny all; } + location /media/nextcloud { deny all; } + location /media/pictures { deny all; } + location /media/recordings { deny all; } + + location /packages { + alias /var/portage/packages; + autoindex on; + } +} |