44 lines
1.1 KiB
Plaintext
44 lines
1.1 KiB
Plaintext
# Generated by Chef
|
|
|
|
server {
|
|
server_name _;
|
|
listen <%= "#{node['openresty']['listen_ip']}:" if node['openresty']['listen_ip'] %>80 default_server;
|
|
|
|
location / {
|
|
return 301 https://<%= @domain %>;
|
|
}
|
|
}
|
|
|
|
server {
|
|
server_name <%= @domain %>;
|
|
listen <%= "#{node['openresty']['listen_ip']}:" if node['openresty']['listen_ip'] %>443 ssl http2 default_server;
|
|
listen [::]:443 ssl http2 default_server;
|
|
|
|
if ($host != $server_name) {
|
|
return 307 $scheme://$server_name;
|
|
}
|
|
|
|
root /var/www/<%= @domain %>/public;
|
|
|
|
access_log <%= node[:openresty][:log_dir] %>/<%= @domain %>.access.log;
|
|
error_log <%= node[:openresty][:log_dir] %>/<%= @domain %>.error.log warn;
|
|
|
|
gzip_static on;
|
|
gzip_comp_level 5;
|
|
|
|
ssl_certificate <%= @ssl_cert %>;
|
|
ssl_certificate_key <%= @ssl_key %>;
|
|
|
|
location /.well-known/host-meta.json {
|
|
add_header 'Access-Control-Allow-Origin' '*';
|
|
}
|
|
|
|
<% if @accounts_url %>
|
|
location ~ ^/.well-known/(keysend|lnurlp|nostr|openpgpkey|webfinger) {
|
|
proxy_ssl_server_name on;
|
|
proxy_set_header X-Forwarded-Host $host;
|
|
proxy_pass <%= @accounts_url %>;
|
|
}
|
|
<% end %>
|
|
}
|