Home Explore Help
Sign In
demure
/
dotfiles
Watch 3
Star 3
Fork 3
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
dotfiles
/
system_wide
/
etc
/
nginx
/
sites-available
/
glowingbear

glowingbear 1.6 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263 
  1. ## glowing-bear site config
    2. 

  2. 

  3. server {
    4. 

  4.     ## Redirect http to https
    5. 

  5.     listen 80;
    6. 

  6.     listen [::]:80;
    7. 

  7.     server_name glow.demu.red;
    8. 

  8.     return 301 https://$host$request_uri;
    9. 

  9. }
    10. 

  10. 

  11. server {
    12. 

  12.     listen 443 ssl;
    13. 

  13.     listen [::]:443 ssl;
    14. 

  14.     server_name glow.demu.red;
    15. 

  15.     root /var/www/glowing-bear;
    16. 

  16. 

  17.     access_log /var/log/nginx/glow_access.log;
    18. 

  18.     error_log /var/log/nginx/glow_error.log;
    19. 

  19. 

  20.     ## Lock Down Access
    21. 

  21.     #auth_basic           "Authorized Access Only";
    22. 

  22.     #auth_basic_user_file /var/www/glowing-bear/.htpasswd;
    23. 

  23. 

  24.     ## Disable all methods besides HEAD, GET and POST.
    25. 

  25.     if ($request_method !~ ^(GET|HEAD|POST)$ ) {
    26. 

  26.         return 444;
    27. 

  27.     }
    28. 

  28. 

  29.     index index.html;
    30. 

  30. 

  31.     ## Include certbot fix
    32. 

  32.     include /etc/nginx/snippets/nginx.well-known.conf;
    33. 

  33. 

  34.     ## Include ssl
    35. 

  35.     include /etc/nginx/snippets/nginx.ssl.conf;
    36. 

  36. 

  37.     ### Deny Stuffs ### {{{
    38. 

  38.         ## Protect specific TXT and config files
    39. 

  39.         location ~ /(\.|readme.html|readme.md|changelog.txt|changelog.md|contributing.txt|contributing.md|license.txt|license.md|legalnotice|privacy.txt|privacy.md|security.txt|security.md|sample-.*txt)
    40. 

  40.         {
    41. 

  41.             deny all;
    42. 

  42.         }
    43. 

  43. 

  44.         ## Protect .git files
    45. 

  45.         location ~ /\.git/ {
    46. 

  46.             access_log off;
    47. 

  47.             log_not_found off;
    48. 

  48.             deny all;
    49. 

  49.         }
    50. 

  50.     ### End Deny Stuffs ### }}}
    51. 

  51. 

  52.     ## Error Redirects
    53. 

  53.     error_page 403 /error.html;
    54. 

  54.     error_page 404 /error.html;
    55. 

  55.     error_page 405 /error.html;
    56. 

  56.     error_page 500 501 502 503 504 /error.html;
    57. 

  57. 

  58.     location = /error.html {
    59. 

  59.         root /var/www/error;
    60. 

  60.         internal;
    61. 

  61.     }
    62. 

  62. }
    63. 

  63.