tradewind/nginx-conf
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feature:初始化代码结构

Browse Source
This commit is contained in:
tradewind
2022-10-30 00:30:06 +08:00
committed by wswan
parent a538698c93
commit 97972039fc
23 changed files with 51 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
sites-available/00 Normal file
View File

@ -0,0 +1,34 @@
server {
server_name _;
listen 80 default_server;
listen 443 ssl default_server;
## To also support IPv6, uncomment this block
# listen [::]:80 default_server;
# listen [::]:443 ssl default_server;
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
return 404; # or whatever
}
server {
server_name joplin.tradewind.vip;
location / {
resolver 223.5.5.5;
set $router "router.tradewind.vip";
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://$router:8888;
}
listen 8888 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

31
sites-available/9song-api Normal file
View File

@ -0,0 +1,31 @@
server {
server_name 9song-api.tradewind.vip;
location / {
proxy_set_header Host $host;
# proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8000/;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = 9song-api.tradewind.vip) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name 9song-api.tradewind.vip;
return 404; # managed by Certbot
}

18
sites-available/a_default Normal file
View File

@ -0,0 +1,18 @@
server {
listen 80 default_server;
server_name _;
return 444;
}
server {
listen 443 ssl default_server;
server_name _;
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
# include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
# ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
return 444;
}

36
sites-available/api Normal file
View File

@ -0,0 +1,36 @@
server {
listen 443;
server_name api.tradewind.vip;
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
root /var/www/http/tradewind-api/public;
index index.php;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
include fastcgi_params;
}
}
server {
if ($host = api.tradewind.vip) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name api.tradewind.vip;
return 404; # managed by Certbot
}

36
sites-available/bitwarden Normal file
View File

@ -0,0 +1,36 @@
server {
server_name bitwarden.tradewind.vip;
# Allow large attachments
client_max_body_size 128M;
location / {
resolver 223.5.5.5;
set $router "router.tradewind.vip";
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://$router:10060;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = bitwarden.tradewind.vip) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name bitwarden.tradewind.vip;
return 404; # managed by Certbot
}

101
sites-available/default Normal file
View File

@ -0,0 +1,101 @@
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the nginx packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
# Default server configuration
#
server {
# listen 80 default_server;
# listen [::]:80 default_server;
# SSL configuration
#
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php-fpm (or other unix sockets):
# fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
# With php-cgi (or other tcp sockets):
fastcgi_pass 127.0.0.1:9000;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
# listen 80;
# listen [::]:80;
#
# server_name example.com;
#
# root /var/www/example.com;
# index index.html;
#
# location / {
# try_files $uri $uri/ =404;
# }
#}
server {
listen 80;
server_name default_server;
return 301 https://$host$request_uri;
}

34
sites-available/emby Normal file
View File

@ -0,0 +1,34 @@
server {
server_name emby.tradewind.vip;
location / {
add_header Cache-Control no-cache;
add_header Pragma no-cache;
add_header Expires 0;
proxy_set_header Host $host;
# proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://router.tradewind.vip:8096/;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = emby.tradewind.vip) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name emby.tradewind.vip;
return 404; # managed by Certbot
}

33
sites-available/gitea Normal file
View File

@ -0,0 +1,33 @@
server {
server_name gitea.tradewind.vip;
location / {
resolver 223.5.5.5;
set $router "router.tradewind.vip";
proxy_set_header Host $host;
# proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://$router:10010;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = gitea.tradewind.vip) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name gitea.tradewind.vip;
return 404; # managed by Certbot
}

31
sites-available/gogs Normal file
View File

@ -0,0 +1,31 @@
server {
server_name gogs.tradewind.vip;
location / {
proxy_set_header Host $host;
# proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://tradewind.myqnapcloud.com:10020/;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = gogs.tradewind.vip) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name gogs.tradewind.vip;
return 404; # managed by Certbot
}

31
sites-available/img Normal file
View File

@ -0,0 +1,31 @@
server {
server_name img.tradewind.vip;
location / {
proxy_set_header Host $host;
# proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://txapi.tradewind.vip/release/imgbed/;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = img.tradewind.vip) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name img.tradewind.vip;
return 404; # managed by Certbot
}

31
sites-available/jenkins Normal file
View File

@ -0,0 +1,31 @@
server {
server_name jenkins.tradewind.vip;
location / {
proxy_set_header Host $host;
# proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://tradewind.myqnapcloud.com:10030/;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = jenkins.tradewind.vip) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name jenkins.tradewind.vip;
return 404; # managed by Certbot
}

53
sites-available/joplin Normal file
View File

@ -0,0 +1,53 @@
server {
server_name joplin.tradewind.vip;
location / {
resolver 223.5.5.5;
set $router "router.tradewind.vip:22300";
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://$router;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
server_name joplin.tradewind.vip;
location / {
resolver 223.5.5.5;
set $router "router.tradewind.vip";
proxy_set_header Host $host;
# proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://$router:8888;
}
listen 5000 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = joplin.tradewind.vip) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name joplin.tradewind.vip;
return 404; # managed by Certbot
}

35
sites-available/leanote Normal file
View File

@ -0,0 +1,35 @@
server {
server_name leanote.tradewind.vip;
location / {
resolver 223.5.5.5;
set $router "router.tradewind.vip";
proxy_set_header Host $host;
# proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://$router:10000;
}
location /demo {
deny all;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = leanote.tradewind.vip) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name leanote.tradewind.vip;
return 404; # managed by Certbot
}

42
sites-available/music Normal file
View File

@ -0,0 +1,42 @@
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
server_name music.tradewind.vip;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_pass http://127.0.0.1:8080/;
}
# listen 80;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/music.tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/music.tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = music.tradewind.vip) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name music.tradewind.vip;
return 404; # managed by Certbot
}
#server {
# listen 8080;
# server_name tradewind.vip;
# return 301 https://music.tradewind.vip;
#}

38
sites-available/nas Normal file
View File

@ -0,0 +1,38 @@
server {
server_name nas.tradewind.vip;
location / {
resolver 223.5.5.5;
set $router "router.tradewind.vip";
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://$router:5000;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
#server {
# listen 80;
# server_name nas.tradewind.vip;
# return 301 https://$host$request_uri;
#}
server {
if ($host = nas.tradewind.vip) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name nas.tradewind.vip;
return 404; # managed by Certbot
}

31
sites-available/rss Normal file
View File

@ -0,0 +1,31 @@
server {
server_name rss.tradewind.vip;
location / {
proxy_set_header Host $host;
# proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:1200/;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = rss.tradewind.vip) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name rss.tradewind.vip;
return 404; # managed by Certbot
}

31
sites-available/send Normal file
View File

@ -0,0 +1,31 @@
server {
server_name send.tradewind.vip;
location / {
proxy_set_header Host $host;
# proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://airportal.cn/;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = send.tradewind.vip) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name send.tradewind.vip;
return 404; # managed by Certbot
}

29
sites-available/sync Normal file
View File

@ -0,0 +1,29 @@
server {
server_name sync.tradewind.vip;
location / {
proxy_set_header Host $host;
# proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://router.tradewind.vip:5007/Sync;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = sync.tradewind.vip) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name sync.tradewind.vip;
return 404; # managed by Certbot
}

33
sites-available/tr Normal file
View File

@ -0,0 +1,33 @@
server {
server_name tr.tradewind.vip;
location / {
resolver 223.5.5.5;
set $router "router.tradewind.vip";
proxy_set_header Host $host;
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://$router:49091;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = tr.tradewind.vip) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name tr.tradewind.vip;
return 404; # managed by Certbot
}

31
sites-available/wiznote Normal file
View File

@ -0,0 +1,31 @@
server {
server_name wiznote.tradewind.vip;
location / {
proxy_set_header Host $host;
# proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://tradewind.myqnapcloud.com:10050/;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = wiznote.tradewind.vip) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name wiznote.tradewind.vip;
return 404; # managed by Certbot
}

105
sites-available/www Normal file
View File

@ -0,0 +1,105 @@
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the nginx packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
# Default server configuration
#
server {
# listen 80 default_server;
# listen [::]:80 default_server;
# SSL configuration
#
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /etc/letsencrypt/live/tradewind.vip/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/tradewind.vip/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/http;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name tradewind.vip www.tradewind.vip;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri =404;
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php-fpm (or other unix sockets):
# fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
# With php-cgi (or other tcp sockets):
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
# listen 80;
# listen [::]:80;
#
# server_name example.com;
#
# root /var/www/example.com;
# index index.html;
#
# location / {
# try_files $uri $uri/ =404;
# }
#}
server {
listen 80;
server_name tradewind.vip www.tradewind.vip;
return 301 https://$host$request_uri;
}