Home Explore Help
Sign In
glass
/
deploy
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: d20071b181
Branches Tags
deploy
/
serve.conf

serve.conf 1.7 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758 
  1. server {
    2. 

  2.     listen 80;
    3. 

  3.     server_name SERVER_NAME;
    4. 

  4.     
    5. 

  5.     return 301 https://$host$request_uri;
    6. 

  6. }
    7. 

  7. 

  8. server {
    9. 

  9.     listen 443 ssl;
    10. 

  10.     server_name SERVER_NAME;
    11. 

  11. 

  12.     ssl_certificate      /etc/letsencrypt/live/SERVER_NAME/fullchain.pem;
    13. 

  13.     ssl_certificate_key  /etc/letsencrypt/live/SERVER_NAME/privkey.pem;
    14. 

  14.     ssl_session_timeout  5m;
    15. 

  15.     ssl_protocols  TLSv1.2 TLSv1.3;
    16. 

  16.     ssl_ciphers  HIGH:!aNULL:!MD5;
    17. 

  17.     ssl_prefer_server_ciphers   on;
    18. 

  18. 

  19.     client_max_body_size 1024m;
    20. 

  20. 

  21.     location /group/signal {
    22. 

  22.         proxy_pass http://serve:8080;
    23. 

  23.         proxy_http_version 1.1;
    24. 

  24.         proxy_set_header Upgrade $http_upgrade;
    25. 

  25.         proxy_set_header Connection "upgrade";
    26. 

  26.         proxy_set_header Host $host;
    27. 

  27.         proxy_set_header X-Real-IP $remote_addr;
    28. 

  28.         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    29. 

  29.         proxy_set_header X-Forwarded-Proto $scheme;
    30. 

  30.     }
    31. 

  31. 

  32.     location /files/ {
    33. 

  33.         root /var/lib/webpage/;
    34. 

  34.     }
    35. 

  35. 

  36.     location / {
    37. 

  37.         proxy_set_header Host $host;
    38. 

  38.         proxy_set_header X-Real-IP $remote_addr;
    39. 

  39.         proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
    40. 

  40. 

  41.         if ($request_method = 'OPTIONS') {
    42. 

  42.             add_header 'Access-Control-Allow-Origin' '$http_origin';
    43. 

  43.             add_header 'Access-Control-Allow-Methods' '*';
    44. 

  44.             add_header 'Access-Control-Allow-Headers' '*';
    45. 

  45.             add_header 'Access-Control-Allow-Credentials' 'true';
    46. 

  46.             add_header 'Content-Type' 'text/plain; charset=utf-8';
    47. 

  47.             add_header 'Content-Length' 0;
    48. 

  48.             return 204;
    49. 

  49.         }
    50. 

  50. 

  51.         if ($http_dandelion_service = true) {
    52. 

  52.             proxy_pass http://serve:8192;
    53. 

  53.             break;
    54. 

  54.         }
    55. 

  55. 

  56.         proxy_pass http://serve:8080;
    57. 

  57.     }
    58. 

  58. }
    59.