X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=installation%2Fpleroma.nginx;h=cc75d78b2f8646c50be7b40ba538abb652886f09;hb=28f7f4c6dec681ae292767623cbad553b2a0f5b5;hp=a0e91f464109288f54b6dfdc701c2263b8e0881f;hpb=10a96825960fc2d5465e9b4992c33941c8bd0c64;p=akkoma diff --git a/installation/pleroma.nginx b/installation/pleroma.nginx index a0e91f464..cc75d78b2 100644 --- a/installation/pleroma.nginx +++ b/installation/pleroma.nginx @@ -11,16 +11,19 @@ proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cac server { server_name example.tld; + listen 80; + listen [::]:80; return 301 https://$server_name$request_uri; # Uncomment this if you need to use the 'webroot' method with certbot. Make sure - # that you also create the .well-known/acme-challenge directory structure in pleroma/priv/static and - # that is is accessible by the webserver. You may need to load this file with the ssl - # server block commented out, run certbot to get the certificate, and then uncomment it. + # that the directory exists and that it is accessible by the webserver. If you followed + # the guide, you already ran 'sudo mkdir -p /var/lib/letsencrypt' to create the folder. + # You may need to load this file with the ssl server block commented out, run certbot + # to get the certificate, and then uncomment it. # # location ~ /\.well-known/acme-challenge { - # root /pleroma/priv/static/; + # root /var/lib/letsencrypt/.well-known/acme-challenge; # } } @@ -28,7 +31,10 @@ server { ssl_session_cache shared:ssl_session_cache:10m; server { + server_name example.tld; + listen 443 ssl http2; + listen [::]:443 ssl http2; ssl_session_timeout 5m; ssl_trusted_certificate /etc/letsencrypt/live/example.tld/chain.pem; @@ -47,8 +53,6 @@ server { ssl_stapling on; ssl_stapling_verify on; - server_name example.tld; - gzip_vary on; gzip_proxied any; gzip_comp_level 6;