mirror of
https://github.com/YunoHost/yunohost.git
synced 2024-09-03 20:06:10 +02:00
46 lines
1.3 KiB
Sed
46 lines
1.3 KiB
Sed
server {
|
|
listen 80;
|
|
listen [::]:80;
|
|
server_name {{ domain }};
|
|
|
|
access_by_lua_file /usr/share/ssowat/access.lua;
|
|
|
|
include conf.d/{{ domain }}.d/*.conf;
|
|
|
|
location /yunohost/admin {
|
|
return 301 https://$http_host$request_uri;
|
|
}
|
|
|
|
access_log /var/log/nginx/{{ domain }}-access.log;
|
|
error_log /var/log/nginx/{{ domain }}-error.log;
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
listen [::]:443 ssl;
|
|
server_name {{ domain }};
|
|
|
|
ssl_certificate /etc/yunohost/certs/{{ domain }}/crt.pem;
|
|
ssl_certificate_key /etc/yunohost/certs/{{ domain }}/key.pem;
|
|
ssl_session_timeout 5m;
|
|
ssl_session_cache shared:SSL:50m;
|
|
ssl_prefer_server_ciphers on;
|
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
|
ssl_ciphers ALL:!aNULL:!eNULL:!LOW:!EXP:!RC4:!3DES:+HIGH:+MEDIUM;
|
|
|
|
add_header Strict-Transport-Security "max-age=31536000;";
|
|
|
|
# Uncomment the following directive after DH generation
|
|
# > openssl dhparam -out /etc/ssl/private/dh2048.pem -outform PEM -2 2048
|
|
#ssl_dhparam /etc/ssl/private/dh2048.pem;
|
|
|
|
access_by_lua_file /usr/share/ssowat/access.lua;
|
|
|
|
include conf.d/{{ domain }}.d/*.conf;
|
|
|
|
include conf.d/yunohost_admin.conf.inc;
|
|
include conf.d/yunohost_api.conf.inc;
|
|
|
|
access_log /var/log/nginx/{{ domain }}-access.log;
|
|
error_log /var/log/nginx/{{ domain }}-error.log;
|
|
}
|