65 lines
1.1 KiB
ReStructuredText
65 lines
1.1 KiB
ReStructuredText
Serve
|
|
=====
|
|
|
|
* /etc/nginx/sites-available/…
|
|
|
|
::
|
|
|
|
server {
|
|
listen 80;
|
|
server_name _;
|
|
location "/mirrors" {
|
|
root "/";
|
|
autoindex on;
|
|
}
|
|
location "/" {
|
|
root "/data/http";
|
|
autoindex on;
|
|
}
|
|
}
|
|
server {
|
|
listen 443 ssl http2;
|
|
server_name "sous.domaine.tld";
|
|
ssl_certificate "/etc/nginx/certificates/nom.crt";
|
|
ssl_certificate_key "/etc/nginx/certificates/nom.key";
|
|
location "/static" {
|
|
root "/data/https";
|
|
default_type "text/html";
|
|
index "index.html";
|
|
}
|
|
location "/" {
|
|
proxy_pass "http://127.0.0.1:8069";
|
|
proxy_redirect off;
|
|
proxy_set_header Host $host;
|
|
}
|
|
}
|
|
|
|
Certificates
|
|
------------
|
|
|
|
::
|
|
|
|
application/x-x509-ca-cert crt der pem;
|
|
application/x-x509-user-cert pfx;
|
|
|
|
Check client certificate
|
|
------------------------
|
|
|
|
::
|
|
|
|
location /protected {
|
|
ssl_client_certificate ca.crt;
|
|
ssl_verify_client on;
|
|
}
|
|
|
|
Redirect http to https
|
|
----------------------
|
|
|
|
::
|
|
|
|
server {
|
|
listen 80 default_server;
|
|
listen [::]:80 default_server;
|
|
server_name _;
|
|
return 301 https://${host}${request_uri};
|
|
}
|