Skip to content

Instantly share code, notes, and snippets.

@Tugzrida
Last active December 11, 2020 06:54
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Tugzrida/4206a67bb037e30e0d2c3eb0dc2b1d3c to your computer and use it in GitHub Desktop.
Save Tugzrida/4206a67bb037e30e0d2c3eb0dc2b1d3c to your computer and use it in GitHub Desktop.
MTA-STS vhost for Nginx
# A simple Nginx vhost to direct all requests to mta-sts.example.com to the mta-sts file.
# Just substitute your domain and certificate paths(MTA-STS *must* be available over HTTPS)
# Then do mkdir -p /var/www/mta-sts/.well-known and add your policy to
# /var/www/mta-sts/.well-known/mta-sts.txt
server {
listen 80;
listen [::]:80;
server_name mta-sts.example.com;
return 301 https://mta-sts.example.com/.well-known/mta-sts.txt;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_trusted_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
server_name mta-sts.example.com;
root /var/www/mta-sts;
try_files $uri @mta-sts;
location @mta-sts {
return 301 https://mta-sts.example.com/.well-known/mta-sts.txt;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment