45 lines
1.4 KiB
Django/Jinja
45 lines
1.4 KiB
Django/Jinja
server {
|
|
listen 443 ssl;
|
|
listen [::]:443 ssl;
|
|
|
|
server_name {{ stream_frontend_nginx_url }} stream.ese.ifsr.de;
|
|
|
|
|
|
# Some systems require you to actually create this directory before starting nginx.
|
|
# If this is the case on your system, you may need to move it outside `/tmp` and create the directory manually (not forgetting to give ownership
|
|
# to www-data with chown).
|
|
# Thanks to @joe for pointing this out in a comment!
|
|
client_body_temp_path /tmp/nginx-client-bodies;
|
|
client_max_body_size 0;
|
|
create_full_put_path on;
|
|
add_header Access-Control-Allow-Origin *;
|
|
add_header Access-Control-Max-Age 3600;
|
|
add_header Access-Control-Expose-Headers Content-Length;
|
|
add_header Access-Control-Allow-Headers Range;
|
|
root /var/www/{{ stream_frontend_nginx_url }}/;
|
|
ssl_certificate /data/fullchain.pem; # managed by Certbot
|
|
ssl_certificate_key /data/privkey.pem; # managed by Certbot
|
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
server {
|
|
if ($host = {{ stream_frontend_nginx_url }}) {
|
|
return 301 https://$host$request_uri;
|
|
} # managed by Certbot
|
|
|
|
if ($host = stream.ese.ifsr.de) {
|
|
return 301 https://$host$request_uri;
|
|
} # managed by Certbot
|
|
|
|
|
|
listen 80;
|
|
server_name {{ stream_frontend_nginx_url }} stream.ese.ifsr.de;
|
|
return 404; # managed by Certbot
|
|
|
|
|
|
}
|