56 lines
1.3 KiB
Plaintext
56 lines
1.3 KiB
Plaintext
server {
|
|
listen 80 default_server;
|
|
listen [::]:80 default_server;
|
|
|
|
include letsencrypt.conf;
|
|
|
|
server_name _;
|
|
return 301 https://$host$request_uri;
|
|
}
|
|
|
|
server {
|
|
http2 on;
|
|
listen 443 ssl;
|
|
listen [::]:443 ssl;
|
|
server_name _;
|
|
root /var/www/html;
|
|
|
|
ssl_certificate /srv/ssl/default/fullchain.pem;
|
|
ssl_certificate_key /srv/ssl/default/key.pem;
|
|
|
|
server_tokens off;
|
|
|
|
include ssl_params.conf;
|
|
include letsencrypt.conf;
|
|
|
|
add_header X-Frame-Options "SAMEORIGIN";
|
|
add_header X-XSS-Protection "1; mode=block";
|
|
add_header X-Content-Type-Options "nosniff";
|
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
|
|
|
|
index index.nginx-debian.html index.html index.htm;
|
|
|
|
charset utf-8;
|
|
|
|
location / {
|
|
try_files $uri $uri/ =404;
|
|
}
|
|
|
|
location /.well-known {
|
|
auth_basic "off";
|
|
}
|
|
|
|
location = /favicon.ico { access_log off; log_not_found off; }
|
|
location = /robots.txt { access_log off; log_not_found off; }
|
|
|
|
# Uncomment for PHP support (check /etc/nginx/phpfpm.conf), assumes PHP 8.1 FPM is installed.
|
|
# include phpfpm.conf;
|
|
|
|
access_log /var/log/nginx/default-access.log combined;
|
|
error_log /var/log/nginx/default-error.log error;
|
|
|
|
location ~ /\.ht {
|
|
deny all;
|
|
}
|
|
}
|