45 lines
1.1 KiB
Plaintext
45 lines
1.1 KiB
Plaintext
server {
|
|
# Listen on port 80 for standard HTTP traffic
|
|
listen 80;
|
|
|
|
# Specify the domain name this block should respond to
|
|
server_name SERVER_NAME;
|
|
|
|
location .well-known/acme-challenge/ {
|
|
root /var/www/certbot;
|
|
}
|
|
|
|
location / {
|
|
# Redirect all HTTP requests to HTTPS
|
|
return 301 https://$host$request_uri;
|
|
}
|
|
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name SERVER_NAME;
|
|
ssl_certificate /etc/letsencrypt/live/SERVER_NAME/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/SERVER_NAME/privkey.pem;
|
|
|
|
root /var/www/html/SERVER_NAME;
|
|
|
|
index index.html index.htm;
|
|
|
|
location / {
|
|
auth_basic "Restricted Documentation Area";
|
|
auth_basic_user_file /etc/nginx/auth/AUTH_FILE;
|
|
try_files $uri $uri/ =404;
|
|
}
|
|
|
|
location ~* \.(css|js|jpg|jpeg|png|gif|ico|svg)$ {
|
|
# Set cache duration to 30 days
|
|
expires 30d;
|
|
# Disable access logging for these files to reduce disk I/O
|
|
access_log off;
|
|
auth_basic "Restricted Documentation Area";
|
|
auth_basic_user_file /etc/nginx/auth/AUTH_FILE;
|
|
}
|
|
|
|
}
|