fix nginx config

6 years ago · 41ee641107
parent 1bcf348fa7
commit 41ee641107
3 changed files with 63 additions and 2 deletions
--- a/.idea/inspectionProfiles/Project_Default.xml
+++ b/.idea/inspectionProfiles/Project_Default.xml
@ -0,0 +1,17 @@
+<component name="InspectionProjectProfileManager">
+  <profile version="1.0">
+    <option name="myName" value="Project Default" />
+    <inspection_tool class="PyPackageRequirementsInspection" enabled="true" level="WARNING" enabled_by_default="true">
+      <option name="ignoredPackages">
+        <value>
+          <list size="4">
+            <item index="0" class="java.lang.String" itemvalue="django-compressor-develop" />
+            <item index="1" class="java.lang.String" itemvalue="django-recaptcha-develop" />
+            <item index="2" class="java.lang.String" itemvalue="django-robokassa" />
+            <item index="3" class="java.lang.String" itemvalue="python-dateutil" />
+          </list>
+        </value>
+      </option>
+    </inspection_tool>
+  </profile>
+</component>
--- a/.idea/vcs.xml
+++ b/.idea/vcs.xml
@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="VcsDirectoryMappings">
+    <mapping directory="$PROJECT_DIR$" vcs="Git" />
+  </component>
+</project>
--- a/configs/nginx.conf
+++ b/configs/nginx.conf
@ -1,5 +1,4 @@
 server {
-  listen 80;
  server_name drop.bakatrouble.pw;

  location /_ {
@ -10,10 +9,22 @@ server {
    include             uwsgi_params;
    uwsgi_pass          unix:///tmp/drop.sock;
  }
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/bakatrouble.pw/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/bakatrouble.pw/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+
+
+    if ($scheme != "https") {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+
 }

 server {
-  listen 80;
  server_name ~^(?<dir>.*)\.drop\.bakatrouble\.pw$;

  location /_ {
@ -24,4 +35,31 @@ server {
    include             uwsgi_params;
    uwsgi_pass          unix:///tmp/drop.sock;
  }
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/bakatrouble.pw/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/bakatrouble.pw/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+
+
+    if ($scheme != "https") {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+}
+server {
+    if ($host = drop.bakatrouble.pw) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+    if ($host ~ ^(?<dir>.*)\.drop\.bakatrouble\.pw$) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+  listen 80;
+  server_name drop.bakatrouble.pw ~^(?<dir>.*)\.drop\.bakatrouble\.pw$;
+    return 404; # managed by Certbot
+
+
 }