server {
server_name www.libsoc.org;
root /home/server/libsoc/Server/public/;
add_header alt-svc 'h3=":443"; ma=2592000, h3-23=":443"; ma=86400, h3-29=":443"; ma=2592000';
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
location ~* \.(?:ico|gif|jpe?g|png|svg)$ {
expires 1d;
add_header Pragma public;
add_header Cache-Control "public";
}
location ~* \.(?:css|js|json)$ {
expires 1d;
add_header Pragma public;
add_header Cache-Control "public";
}
location ~* \.(?:woff2|woff|ttf)$ {
expires max;
add_header Pragma public;
add_header Cache-Control "public";
}
location /js/ {}
location /css {}
location /img/ {}
location /assets/ {}
location /fonts/ {}
location /favicon.ico {}
location /robots.txt {}
location ~ /loaderio-58f125137ee61345d68285d88016ce2a {}
location / {
proxy_pass http://127.0.0.1:8001/;
}
listen 443 http3;
listen 443 ssl http2;
ssl_certificate /etc/letsencrypt/live/libsoc.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/libsoc.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
ssl_buffer_size 4k;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/libsoc.org/fullchain.pem;
resolver 1.1.1.1 1.0.0.1 valid=300s;
resolver_timeout 5s;
}
server {
return 301 https://www.libsoc.org$request_uri;
server_name libsoc.org;
listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/libsoc.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/libsoc.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
return 301 https://www.libsoc.org$request_uri;
listen 80;
listen [::]:80;
server_name www.libsoc.org libsoc.org;
}