Fix and improve nginx redirects, akkounts headers
This commit is contained in:
@@ -14,7 +14,5 @@ server {
|
||||
ssl_certificate <%= @ssl_cert %>;
|
||||
ssl_certificate_key <%= @ssl_key %>;
|
||||
|
||||
location / {
|
||||
return <%= @http_status || 301 %> <%= @target %>;
|
||||
}
|
||||
return <%= @http_status || 307 %> <%= @target %>;
|
||||
}
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
|
||||
server {
|
||||
server_name _;
|
||||
listen 80 default_server;
|
||||
listen <%= "#{node['openresty']['listen_ip']}:" if node['openresty']['listen_ip'] %>80 default_server;
|
||||
|
||||
location / {
|
||||
return 301 https://<%= @domain %>;
|
||||
@@ -14,6 +14,10 @@ server {
|
||||
listen <%= "#{node['openresty']['listen_ip']}:" if node['openresty']['listen_ip'] %>443 ssl http2 default_server;
|
||||
listen [::]:443 ssl http2 default_server;
|
||||
|
||||
if ($host != $server_name) {
|
||||
return 307 $scheme://$server_name;
|
||||
}
|
||||
|
||||
root /var/www/<%= @domain %>/public;
|
||||
|
||||
access_log <%= node[:openresty][:log_dir] %>/<%= @domain %>.access.log;
|
||||
@@ -22,14 +26,13 @@ server {
|
||||
gzip_static on;
|
||||
gzip_comp_level 5;
|
||||
|
||||
add_header 'Access-Control-Allow-Origin' '*';
|
||||
|
||||
ssl_certificate <%= @ssl_cert %>;
|
||||
ssl_certificate_key <%= @ssl_key %>;
|
||||
|
||||
<% if @accounts_url %>
|
||||
location ~ ^/.well-known/(webfinger|nostr|lnurlp|keysend) {
|
||||
proxy_ssl_server_name on;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
proxy_pass https://accounts.kosmos.org;
|
||||
}
|
||||
<% end %>
|
||||
|
||||
Reference in New Issue
Block a user