nekocentral/config nginx

## config nginx
server {
    listen *:80;
    listen [::]:80;
    server_name sitischu.com;
    #Redirect to HTTPS
    if ($scheme = http) {return 301 https://$server_name$request_uri;}

}
server{
    listen *:80;
    listen *:443 ssl http2;
    listen [::]:80;
    listen [::]:443 ssl http2;
    ssl_certificate /certs/sitischu.com/fullchain.cer;
    ssl_certificate_key /certs/sitischu.com/sitischu.com.key;
    server_name www.sitischu.com;
    #Redirect to non-www
    rewrite ^(.*) https://sitischu.com$1 permanent;

    # SSL Protocol and Ciphers and other settings
    include /etc/nginx/snippets/ssl_settings.conf;

    #OCSP Stapling
    ssl_trusted_certificate /certs/sitischu.com/ca.cer; # OCSP Pinning
    include /etc/nginx/snippets/ocsp.conf;
}
server{
    #Headers
    include /etc/nginx/snippets/headers.conf;

    #Listener
    listen *:443 ssl http2 default_server;
    listen [::]:443 ssl http2 default_server;
    server_name sitischu.com;

    # Certificate and Private Key
    ssl_certificate /certs/sitischu.com/fullchain.cer;
    ssl_certificate_key /certs/sitischu.com/sitischu.com.key;

    # Log Locations
    access_log /var/log/nginx/sitischu.com/access.log;
    error_log /var/log/nginx/sitischu.com/error.log;

    # Root and Index
    root /var/www/sitischu.com;
    index index.html index.htm index.php;

    location / {
    try_files $uri.htm $uri $uri/ =404;
    index index.htm index.php;

    #Exipre header for static files
    if ($request_uri ~* ".(jpg|jpeg|gif|css|png|htc|ico|js)(\?v=[0-9.]+)?$") {expires 30d;}
    }

    #gzip
    include /etc/nginx/snippets/gzip.conf;

    # SSL Protocol and Ciphers and other settings
    include /etc/nginx/snippets/ssl_settings.conf;

    #OCSP Stapling
    ssl_trusted_certificate /certs/sitischu.com/ca.cer; # OCSP Cert specific to domain
    include /etc/nginx/snippets/ocsp.conf;

    #PHP Defining
    location ~ [^/]\.php(/|$) {
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
    fastcgi_index index.php;
    include fastcgi.conf;
}
	server {
	listen *:80;
	listen [::]:80;
	server_name sitischu.com;
	#Redirect to HTTPS
	if ($scheme = http) {return 301 https://$server_name$request_uri;}

	}
	server{
	listen *:80;
	listen *:443 ssl http2;
	listen [::]:80;
	listen [::]:443 ssl http2;
	ssl_certificate /certs/sitischu.com/fullchain.cer;
	ssl_certificate_key /certs/sitischu.com/sitischu.com.key;
	server_name www.sitischu.com;
	#Redirect to non-www
	rewrite ^(.*) https://sitischu.com$1 permanent;

	# SSL Protocol and Ciphers and other settings
	include /etc/nginx/snippets/ssl_settings.conf;

	#OCSP Stapling
	ssl_trusted_certificate /certs/sitischu.com/ca.cer; # OCSP Pinning
	include /etc/nginx/snippets/ocsp.conf;
	}
	server{
	#Headers
	include /etc/nginx/snippets/headers.conf;

	#Listener
	listen *:443 ssl http2 default_server;
	listen [::]:443 ssl http2 default_server;
	server_name sitischu.com;

	# Certificate and Private Key
	ssl_certificate /certs/sitischu.com/fullchain.cer;
	ssl_certificate_key /certs/sitischu.com/sitischu.com.key;

	# Log Locations
	access_log /var/log/nginx/sitischu.com/access.log;
	error_log /var/log/nginx/sitischu.com/error.log;

	# Root and Index
	root /var/www/sitischu.com;
	index index.html index.htm index.php;

	location / {
	try_files $uri.htm $uri $uri/ =404;
	index index.htm index.php;

	#Exipre header for static files
	if ($request_uri ~* ".(jpg\|jpeg\|gif\|css\|png\|htc\|ico\|js)(\?v=[0-9.]+)?$") {expires 30d;}
	}

	#gzip
	include /etc/nginx/snippets/gzip.conf;

	# SSL Protocol and Ciphers and other settings
	include /etc/nginx/snippets/ssl_settings.conf;

	#OCSP Stapling
	ssl_trusted_certificate /certs/sitischu.com/ca.cer; # OCSP Cert specific to domain
	include /etc/nginx/snippets/ocsp.conf;

	#PHP Defining
	location ~ [^/]\.php(/\|$) {
	fastcgi_split_path_info ^(.+\.php)(/.+)$;
	fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
	fastcgi_index index.php;
	include fastcgi.conf;
	}