X-Git-Url: https://jfr.im/git/uguu.git/blobdiff_plain/af4b9c424600265fbc2f155f16e6424bc08a1ab9..7f8963f6ede34931e3c9a0a90fcfe6e9d40d53ef:/docker/nginx/uguu.conf

diff --git a/docker/nginx/uguu.conf b/docker/nginx/uguu.conf
index af13672..45b3d35 100644
--- a/docker/nginx/uguu.conf
+++ b/docker/nginx/uguu.conf
@@ -1,36 +1,64 @@
-server{
-
-    listen          80;
-    server_name     XXX;
-    #ssl on;
-    #ssl_certificate /etc/nginx/ssl/fullchain.pem;
-    #ssl_certificate_key /etc/nginx/ssl/privkey.pem;
-    #ssl_protocols TLSv1.2 TLSv1.3;
-    #ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
-    #ssl_ecdh_curve secp384r1;
-
-    root /var/www/uguu/dist/public/;
-    autoindex       on;
-    access_log      on;
-    index index.html;
+server {
+    listen            443 ssl http2;
+    server_name       XMAINDOMAINX;
+
+    ssl on;
+    ssl_certificate   /root/.acme.sh/XMAINDOMAINX/fullchain.cer;
+    ssl_certificate_key /root/.acme.sh/XMAINDOMAINX/XMAINDOMAINX.key;
+    ssl_protocols     TLSv1.2 TLSv1.3;
+    ssl_ciphers       'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
+    ssl_ecdh_curve    secp384r1;
+
+    root              /var/www/uguu/dist/public/;
+    autoindex         off;
+    access_log        off;
+    index             index.html;
 
     location ~* \.(css|js|jpg|jpeg|gif|png|ico|xml|eot|woff|woff2|ttf|svg|otf|x-icon|avif|webp|apng)$ {
-    expires 30d;
+      expires         30d;
     }
 
-    client_max_body_size 128M;
-    gzip on;
-    gzip_min_length 1000;
-    gzip_comp_level 6;
-    gzip_proxied any;
-    gzip_types text/css text/js text/javascript application/javascript application/x-javascript;
+    gzip              on;
+    gzip_min_length   1000;
+    gzip_comp_level   6;
+    gzip_proxied      any;
+    gzip_types        text/css text/js text/javascript application/javascript application/x-javascript;
 
     location ~* \.php$ {
-    fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
+    fastcgi_pass     unix:/var/run/php/php8.1-fpm.sock;
     fastcgi_intercept_errors on;
-    fastcgi_index index.php;
+    fastcgi_index    index.php;
     fastcgi_split_path_info ^(.+\.php)(.*)$;
-    include fastcgi_params;
-    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+    include          fastcgi_params;
+    fastcgi_param    SCRIPT_FILENAME $document_root$fastcgi_script_name;
     }
 }
+
+server {
+    listen           443 ssl;
+    server_name      XFILESDOMAINX;
+
+    ssl              on;
+    ssl_certificate   /root/.acme.sh/XMAINDOMAINX/fullchain.cer;
+    ssl_certificate_key /root/.acme.sh/XMAINDOMAINX/XMAINDOMAINX.key;
+    ssl_protocols    TLSv1.2 TLSv1.3;
+    ssl_ciphers      'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
+    ssl_ecdh_curve   secp384r1;
+
+    root             /var/www/files/;
+    autoindex        off;
+    access_log       off;
+    index            index.html;
+  }
+
+  server {
+      listen           80;
+      server_name      XMAINDOMAINX;
+      return 301       https://XMAINDOMAINX$request_uri;
+    }
+
+  server {
+      listen           80;
+      server_name      XFILESDOMAINX;
+      return 301       https://XFILESDOMAINX$request_uri;
+    }