sergey-prosvirnin/gist:0fb8c37a38fdbe024d61b7705fd73978 Secret

## gistfile1.txt
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {

  worker_connections 768;
  # multi_accept on;
}

http {

  ##
  # Basic Settings
  ##

  sendfile on;
  tcp_nopush on;
  tcp_nodelay on;
  keepalive_timeout 65;
  types_hash_max_size 2048;
  # server_tokens off;

  # server_names_hash_bucket_size 64;
  # server_name_in_redirect off;

  include /etc/nginx/mime.types;
  default_type application/octet-stream;

  ##
  # SSL Settings
  ##

  ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
  ssl_prefer_server_ciphers on;

  ##
  # Logging Settings
  ##

  access_log /var/log/nginx/access.log;
  error_log /var/log/nginx/error.log;

  ##
  # Gzip Settings
  ##

  gzip on;

  # gzip_vary on;
  # gzip_proxied any;
  # gzip_comp_level 6;
  # gzip_buffers 16 8k;
  # gzip_http_version 1.1;
  # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

  ##
  # Virtual Host Configs
  ##
  include /etc/nginx/conf.d/*.conf;
  include /etc/nginx/sites-enabled/*;

  server {

    server_name liga.is;

    location / {
      proxy_pass http://0.0.0.0:8080;
      proxy_redirect http://0.0.0.0:8080 https://liga.is;
    }

    location ~* .(jpg|jpeg|gif|png|ico|css|zip|rar|pdf)$ {

      root /var/www/static;
      error_page 404 = 404;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/liga.is/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/liga.is/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

  }

  server {

    if ($host = liga.is) {

      return 301 https://$host$request_uri;
      } # managed by Certbot

      listen 80;

      server_name liga.is;
      return 404; # managed by Certbot
    }

  }
	user www-data;
	worker_processes auto;
	pid /run/nginx.pid;
	include /etc/nginx/modules-enabled/*.conf;

	events {

	worker_connections 768;
	# multi_accept on;
	}

	http {

	##
	# Basic Settings
	##

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 65;
	types_hash_max_size 2048;
	# server_tokens off;

	# server_names_hash_bucket_size 64;
	# server_name_in_redirect off;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	##
	# SSL Settings
	##

	ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
	ssl_prefer_server_ciphers on;

	##
	# Logging Settings
	##

	access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log;

	##
	# Gzip Settings
	##

	gzip on;

	# gzip_vary on;
	# gzip_proxied any;
	# gzip_comp_level 6;
	# gzip_buffers 16 8k;
	# gzip_http_version 1.1;
	# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

	##
	# Virtual Host Configs
	##
	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*;

	server {

	server_name liga.is;

	location / {
	proxy_pass http://0.0.0.0:8080;
	proxy_redirect http://0.0.0.0:8080 https://liga.is;
	}

	location ~* .(jpg\|jpeg\|gif\|png\|ico\|css\|zip\|rar\|pdf)$ {

	root /var/www/static;
	error_page 404 = 404;
	}

	listen 443 ssl; # managed by Certbot
	ssl_certificate /etc/letsencrypt/live/liga.is/fullchain.pem; # managed by Certbot
	ssl_certificate_key /etc/letsencrypt/live/liga.is/privkey.pem; # managed by Certbot
	include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
	ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

	}

	server {

	if ($host = liga.is) {

	return 301 https://$host$request_uri;
	} # managed by Certbot

	listen 80;

	server_name liga.is;
	return 404; # managed by Certbot
	}

	}