Use LetsEncrypt.

This commit is contained in:
Niels G. W. Serup 2016-08-25 21:54:28 +02:00
parent 78c2c2136f
commit b204bb6c6d
2 changed files with 24 additions and 13 deletions

8
misc/nginx-base.conf Normal file
View File

@ -0,0 +1,8 @@
server_name media.metanohi.name www.media.metanohi.name;
root /var/www/media.metanohi.name/site;
index index.html;
location / {
try_files $uri $uri/ =404;
}

View File

@ -2,15 +2,18 @@ server {
listen 80;
listen [::]:80;
root /var/www/media.metanohi.name/site;
index index.html;
server_name media.metanohi.name;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
include /etc/nginx/snippets/letsencrypt.conf;
include /etc/nginx/basics/media.metanohi.name.conf;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/letsencrypt/live/media.metanohi.name/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/media.metanohi.name/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/media.metanohi.name/fullchain.pem;
include /etc/nginx/snippets/ssl.conf;
include /etc/nginx/basics/media.metanohi.name.conf;
}