503.conf 2.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566
  1. ## Configuração para 503.partidopirata.org
  2. ## Serviços fora do ar porque estão fora do ar
  3. server {
  4. listen 80;
  5. listen [::]:80;
  6. server_name *.partidopirata.org;
  7. return 307 http://503.partidopirata.org;
  8. }
  9. server {
  10. listen 80;
  11. listen [::]:80;
  12. server_name 503.partidopirata.org;
  13. return 301 https://503.partidopirata.org$request_uri;
  14. }
  15. ## SSL
  16. server {
  17. listen 443 ssl;
  18. listen [::]:443 ssl;
  19. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  20. ssl_prefer_server_ciphers on;
  21. ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
  22. ssl_ecdh_curve secp384r1;
  23. ssl_session_cache shared:SSL:10m;
  24. ssl_session_tickets off;
  25. ssl_stapling on;
  26. ssl_stapling_verify on;
  27. resolver 208.67.220.220 208.67.222.222 valid=300s;
  28. resolver_timeout 5s;
  29. add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
  30. add_header X-Frame-Options SAMEORIGIN;
  31. add_header X-Content-Type-Options nosniff;
  32. ssl_certificate /etc/letsencrypt/live/partidopirata.org-0001/fullchain.pem;
  33. ssl_certificate_key /etc/letsencrypt/live/partidopirata.org-0001/privkey.pem;
  34. ssl_trusted_certificate /etc/letsencrypt/live/partidopirata.org-0001/chain.pem;
  35. server_name *.partidopirata.org;
  36. return 307 https://503.partidopirata.org;
  37. }
  38. server {
  39. listen 443 ssl;
  40. listen [::]:443 ssl;
  41. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  42. ssl_prefer_server_ciphers on;
  43. ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
  44. ssl_ecdh_curve secp384r1;
  45. ssl_session_cache shared:SSL:10m;
  46. ssl_session_tickets off;
  47. ssl_stapling on;
  48. ssl_stapling_verify on;
  49. resolver 208.67.220.220 208.67.222.222 valid=300s;
  50. resolver_timeout 5s;
  51. add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
  52. add_header X-Frame-Options SAMEORIGIN;
  53. add_header X-Content-Type-Options nosniff;
  54. ssl_certificate /etc/letsencrypt/live/partidopirata.org-0001/fullchain.pem;
  55. ssl_certificate_key /etc/letsencrypt/live/partidopirata.org-0001/privkey.pem;
  56. ssl_trusted_certificate /etc/letsencrypt/live/partidopirata.org-0001/chain.pem;
  57. server_name 503.partidopirata.org;
  58. root /var/www/git/503/;
  59. }