telegram_bots/nginx.conf

52 lines
1.5 KiB
Nginx Configuration File
Raw Permalink Normal View History

2019-01-11 19:16:01 +00:00
server {
2019-11-25 19:37:01 +00:00
server_name ~^bots\.bakatrouble\.(pw|me)$;
2019-01-11 19:16:01 +00:00
2019-11-25 19:37:01 +00:00
access_log /srv/apps/bots/logs/nginx.access;
error_log /srv/apps/bots/logs/nginx.error;
2019-01-11 19:16:01 +00:00
2019-11-25 19:37:01 +00:00
location /static {
alias /srv/apps/bots/public/static;
}
2019-01-11 19:16:01 +00:00
2019-11-25 19:37:01 +00:00
location /uploads {
alias /srv/apps/bots/public/uploads;
}
2019-01-11 19:16:01 +00:00
2019-11-25 19:37:01 +00:00
location / {
2019-11-25 19:51:38 +00:00
proxy_pass http://unix:/tmp/bots.sock;
2019-11-25 19:37:01 +00:00
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
listen [::]:443 http2 ssl ipv6only=on;
listen 443 http2 ssl;
ssl_certificate /etc/letsencrypt/live/bakatrouble.pw/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/bakatrouble.pw/privkey.pem;
# include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
if ($scheme != "https") {
return 301 https://$host$request_uri;
}
}
server {
if ($host ~ ^bots\.bakatrouble\.(pw|me)$) {
return 301 https://$host$request_uri;
}
listen [::]:80 ipv6only=on;
listen 80;
server_name ~^bots\.bakatrouble\.(pw|me)$;
return 404;
2019-01-11 19:16:01 +00:00
}