2017-09-18 16:50:02 +02:00
|
|
|
server {
|
|
|
|
|
listen 8080;
|
|
|
|
|
server_name <frontend_domain>;
|
|
|
|
|
|
|
|
|
|
rewrite ^ https://<frontend_domain>:443$request_uri? permanent;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
server {
|
|
|
|
|
|
|
|
|
|
listen 8443 ssl http2;
|
|
|
|
|
server_name <frontend_domain>;
|
|
|
|
|
index index.html index.php index.htm;
|
|
|
|
|
|
|
|
|
|
ssl_certificate /nginx/ssl/certificates/<frontend_domain>.crt;
|
|
|
|
|
ssl_certificate_key /nginx/ssl/certificates/<frontend_domain>.key;
|
|
|
|
|
ssl_trusted_certificate /nginx/ssl/certificates/<frontend_domain>.chain.pem;
|
2017-09-18 19:50:56 +02:00
|
|
|
ssl_ct_static_scts /nginx/ssl/timestamps/<frontend_domain>;
|
2017-09-18 16:50:02 +02:00
|
|
|
include /nginx/conf.d/ssl.conf;
|
|
|
|
|
include /nginx/conf.d/headers.conf;
|
2017-09-18 18:37:21 +02:00
|
|
|
include /nginx/conf.d/hsts.conf;
|
2017-09-18 18:50:55 +02:00
|
|
|
include /nginx/conf.d/ocsp.conf;
|
2017-09-18 19:50:56 +02:00
|
|
|
include /nginx/conf.d/ct.conf;
|
2017-09-18 16:50:02 +02:00
|
|
|
|
|
|
|
|
include /nginx/path.d/<frontend_domain>/*.conf;
|
|
|
|
|
|
|
|
|
|
location ~ /\.well-known/acme-challenge {
|
|
|
|
|
root /nginx/www/<frontend_domain>;
|
|
|
|
|
allow all;
|
|
|
|
|
}
|
|
|
|
|
}
|
