Nginx now uses template syntax for easier config

2021-01-09 15:15:22 +01:00 · 2021-01-09 15:15:22 +01:00 · 929d1e2cf4
commit 929d1e2cf4
parent 69fadcbbed
8 changed files with 114 additions and 47 deletions
--- a/nginx/templates/events.conf.template
+++ b/nginx/templates/events.conf.template
@ -0,0 +1,3 @@
+events {
+
+}
--- a/nginx/templates/http.conf.template
+++ b/nginx/templates/http.conf.template
@ -0,0 +1,35 @@
+http {
+    # SSL CONFIGURATION
+    # Key locations
+    ssl_certificate     /etc/letsencrypt/live/${MAIN_DOMAIN}/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/${MAIN_DOMAIN}/privkey.pem;
+
+    # Allowed protocols
+    ssl_protocols TLSv1.2;
+
+    # Allowed cyphers
+    # ssl_ciphers EECDH+CHACHA20:EECDH+AES;
+
+    # Cache settings
+    ssl_session_cache           shared:SSL:10m;
+    ssl_session_timeout         10m;
+
+    # Still gotta figure out what these do
+    ssl_session_tickets         off;
+    ssl_prefer_server_ciphers   on;
+    ssl_ecdh_curve              X25519:prime256v1:secp521r1:secp384r1;
+
+
+    # Auto-route all HTTP requests to HTTPS
+    server {
+        listen ${HTTP_PORT};
+        listen [::]:${HTTP_PORT};
+        server_name _;
+
+        return 301 https://$host:${HTTPS_PORT}$request_uri;
+    }
+
+
+    # LOAD SITES
+    include sites-enabled/*.conf;
+}