server { listen 8080; server_name www.gruszczynski.eu.org; set $base /var/www/gruszczynski.eu.org; root $base; # security include config/security.conf; # restrict methods if ($request_method !~ ^(GET)$) { return '405'; } # logging #access_log /var/log/angie/gruszczynski.eu.org.access.log; #error_log /var/log/angie/gruszczynski.eu.org.error.log warn; # index.php index index.php index.html; # additional config include config/general.conf; # letsencrypt include config/letsencrypt.conf; # handle .php location ~ \.php$ { include config/php_fastcgi.conf; } } server { listen 443 quic; listen 443 ssl; http2 on; http3 on; ssl_protocols TLSv1.3 TLSv1.2; ssl_early_data on; add_header Alt-Svc 'h3=":$server_port"; ma=86400'; server_name www.gruszczynski.eu.org; ssl_certificate /etc/ssl/gruszczynski.eu.org/fullchain.pem; ssl_certificate_key /etc/ssl/gruszczynski.eu.org/privkey.pem; # ssl cfg include config/ssl_cfg.conf; location / { proxy_pass http://127.0.0.1:6081/; include config/proxy.conf; } } # HTTP redirect server { listen 80; add_header Alt-Svc 'h3=":443"; ma=86400'; server_name gruszczynski.eu.org www.gruszczynski.eu.org; # include config/letsencrypt.conf; # restrict methods if ($request_method !~ ^(GET)$) { return '405'; } location / { return 301 https://www.gruszczynski.eu.org$request_uri; } } server { listen 443 quic; listen 443 ssl; http2 on; http3 on; ssl_protocols TLSv1.3 TLSv1.2; ssl_early_data on; add_header Alt-Svc 'h3=":$server_port"; ma=86400'; server_name gruszczynski.eu.org; ssl_certificate /etc/ssl/gruszczynski.eu.org/fullchain.pem; ssl_certificate_key /etc/ssl/gruszczynski.eu.org/privkey.pem; # ssl cfg include config/ssl_cfg.conf; # security include config/security.conf; # restrict methods if ($request_method !~ ^(GET)$) { return '405'; } location / { return 301 https://www.gruszczynski.eu.org$request_uri; } }