diff --git a/nginx.conf b/nginx.conf index caf4481..786d9b4 100644 --- a/nginx.conf +++ b/nginx.conf @@ -17,6 +17,8 @@ http { include mime.types; default_type application/octet-stream; + include /etc/nginx/sites-enabled/*; + #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; @@ -31,8 +33,6 @@ http { types_hash_max_size 4096; types_hash_bucket_size 4096; #gzip on; - include /etc/nginx/conf.d/*.conf; - include /etc/nginx/sites-enabled/*; server { listen 80; @@ -58,77 +58,9 @@ http { # error_page 500 502 503 504 /50x.html; location = /50x.html { - #root /usr/share/nginx/html; - root /srv/http/; + #root /usr/share/nginx/html; + root /srv/http/; index index.html; - } - - # proxy the PHP scripts to Apache listening on 127.0.0.1:80 - # - #location ~ \.php$ { - # proxy_pass http://127.0.0.1; - #} - - # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 - # - #location ~ \.php$ { - # root html; - # fastcgi_pass 127.0.0.1:9000; - # fastcgi_index index.php; - # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; - # include fastcgi_params; - #} - - - #location ~ \.php$ { - # fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; - # fastcgi_index index.php; - # root /srv/http; - # include fastcgi.conf; - #} - # deny access to .htaccess files, if Apache's document root - # concurs with nginx's one - # - #location ~ /\.ht { - # deny all; - #} } - - - # another virtual host using mix of IP-, name-, and port-based configuration - # - #server { - # listen 8000; - # listen somename:8080; - # server_name somename alias another.alias; - - # location / { - # root html; - # index index.html index.htm; - # } - #} - - - # HTTPS server - # - #server { - # listen 443 ssl; - # server_name localhost; - - # ssl_certificate cert.pem; - # ssl_certificate_key cert.key; - - # ssl_session_cache shared:SSL:1m; - # ssl_session_timeout 5m; - - # ssl_ciphers HIGH:!aNULL:!MD5; - # ssl_prefer_server_ciphers on; - - # location / { - # root html; - # index index.html index.htm; - # } - #} - } diff --git a/sites-available/photos b/sites-available/photos index 56c5f5f..abef819 100644 --- a/sites-available/photos +++ b/sites-available/photos @@ -24,11 +24,4 @@ server { ssl_certificate_key /etc/letsencrypt/live/asxp.io/privkey.pem; include /etc/letsencrypt/options-ssl-nginx.conf; ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; - - ## - # Nginx Bad Bot Blocker Includes - # REPO: https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker - ## - #include /etc/nginx/bots.d/ddos.conf; - #include /etc/nginx/bots.d/blockbots.conf; } diff --git a/sites-available/upload b/sites-available/upload index 6eae7c4..5beee54 100644 --- a/sites-available/upload +++ b/sites-available/upload @@ -1,11 +1,12 @@ server { - listen 80; - listen 443 ssl; - server_name upload.asxp.io; + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name upload.asxp.io www.upload.asxp.io; - location /content { - root /var/telegabber/content/.. ; - } - ssl_certificate /etc/letsencrypt/live/asxp.io/fullchain.pem; # managed by Certbot - ssl_certificate_key /etc/letsencrypt/live/asxp.io/privkey.pem; # managed by Certbot + location /content { + root /var/telegabber/content/.. ; + } + + ssl_certificate /etc/letsencrypt/live/asxp.io/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/asxp.io/privkey.pem; }