lukehinds/gist:65d6da0ab3a4ce39a9c0

## gistfile1.txt
server {
        listen 80 default_server;
        listen [::]:80 default_server ipv6only=on;
        return 301 https://nfv.space$request_uri;
        add_header X-Frame-Options "SAMEORIGIN";
        add_header X-Content-Type-Options nosniff;
        add_header X-XSS-Protection "1; mode=block";
        add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://avatars.githubusercont$nt.com; img-src *; style-src https: 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com  https://fonts.gstatic.com; object-src 'none'";

}


server {
        listen 443 ssl;

        root /var/www/nfvspace;
        index index.php index.html index.htm;

        server_name nfv.space;
        add_header X-Frame-Options "SAMEORIGIN";
        add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
        add_header X-Content-Type-Options nosniff;
        add_header X-XSS-Protection "1; mode=block";
        add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://avatars.githubusercontent.com; img-src *; style-src https: 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com  https://fonts.gstatic.com; object-src 'none'";
        add_header Public-Key-Pins 'pin-sha256="xXEEzomG2N6hdat2mh4ihZyg5HTtY/ooyW6ZiDVOpBg="; \
        pin-sha256="xMLI6oh+YtS/VUVneBYhuNpruxWj5TCtDN28Yb87rG4="; \
        pin-sha256="t8bKmXF6QhKHZSriAlXS3/l32+pvYfHBCGiCAPM4NqI="; \
        max-age=10';
        ssl_certificate /etc/nginx/ssl/ssl-bundle.crt;
        ssl_certificate_key /etc/nginx/ssl/nfvspace.key;

        location / {
                try_files $uri $uri/ /index.php?q=$uri&$args;
        }

         location ~ \.php$ {
                try_files $uri =404;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                location ~ \.php$ {
                try_files $uri =404;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                include fastcgi_params;
        }
   }
}
	server {
	listen 80 default_server;
	listen [::]:80 default_server ipv6only=on;
	return 301 https://nfv.space$request_uri;
	add_header X-Frame-Options "SAMEORIGIN";
	add_header X-Content-Type-Options nosniff;
	add_header X-XSS-Protection "1; mode=block";
	add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://avatars.githubusercont$nt.com; img-src *; style-src https: 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; object-src 'none'";

	}


	server {
	listen 443 ssl;

	root /var/www/nfvspace;
	index index.php index.html index.htm;

	server_name nfv.space;
	add_header X-Frame-Options "SAMEORIGIN";
	add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
	add_header X-Content-Type-Options nosniff;
	add_header X-XSS-Protection "1; mode=block";
	add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://avatars.githubusercontent.com; img-src *; style-src https: 'unsafe-inline'; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; object-src 'none'";
	add_header Public-Key-Pins 'pin-sha256="xXEEzomG2N6hdat2mh4ihZyg5HTtY/ooyW6ZiDVOpBg="; \
	pin-sha256="xMLI6oh+YtS/VUVneBYhuNpruxWj5TCtDN28Yb87rG4="; \
	pin-sha256="t8bKmXF6QhKHZSriAlXS3/l32+pvYfHBCGiCAPM4NqI="; \
	max-age=10';
	ssl_certificate /etc/nginx/ssl/ssl-bundle.crt;
	ssl_certificate_key /etc/nginx/ssl/nfvspace.key;

	location / {
	try_files $uri $uri/ /index.php?q=$uri&$args;
	}

	location ~ \.php$ {
	try_files $uri =404;
	fastcgi_split_path_info ^(.+\.php)(/.+)$;
	location ~ \.php$ {
	try_files $uri =404;
	fastcgi_split_path_info ^(.+\.php)(/.+)$;
	fastcgi_pass unix:/var/run/php5-fpm.sock;
	fastcgi_index index.php;
	include fastcgi_params;
	}
	}
	}