azeem/nginx-configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

updated deployed scripts

Browse Source
This commit is contained in:
Azeem Fidahusein
2025-06-25 08:49:14 +01:00
parent 83a12f0423
commit 68053c8ff0
2 changed files with 23 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
sites-available/affine
View File

@@ -1,18 +1,19 @@
# Block 1: Redirects all HTTP traffic to HTTPS
server { server {
listen 80; listen 80;
server_name notes.aaf.systems; server_name notes.aaf.systems;
# Redirect all HTTP traffic to HTTPS
# This redirect is managed by Certbot's --redirect flag,
# but we include it for completeness.
return 301 https://$host$request_uri; return 301 https://$host$request_uri;
} }
# Block 2: Handles the secure HTTPS traffic
server { server {
listen 443 ssl http2; listen 443 ssl http2;
server_name notes.aaf.systems; server_name notes.aaf.systems;
# SSL Certificates (managed by Certbot) # --- This is the location block that was missing ---
ssl_certificate /etc/letsencrypt/live/notes.aaf.systems/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/notes.aaf.systems/privkey.pem;
location / { location / {
proxy_pass http://100.93.165.98:3010; proxy_pass http://100.93.165.98:3010;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
@@ -22,4 +23,11 @@ server {
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade"; proxy_set_header Connection "upgrade";
} }
# --- End of location block ---
# SSL settings managed by Certbot
ssl_certificate /etc/letsencrypt/live/git.aaf.systems/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/git.aaf.systems/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
} }

16
sites-available/gitea
View File

@@ -1,20 +1,18 @@
# Block 1: Redirects all HTTP traffic to HTTPS
server { server {
listen 80; listen 80;
server_name git.aaf.systems; server_name git.aaf.systems;
# Redirect all HTTP traffic to HTTPS
return 301 https://$host$request_uri; return 301 https://$host$request_uri;
} }
# Block 2: Handles the secure HTTPS traffic
server { server {
listen 443 ssl http2; listen 443 ssl http2;
server_name git.aaf.systems; server_name git.aaf.systems;
# SSL Certificates (managed by Certbot)
ssl_certificate /etc/letsencrypt/live/git.aaf.systems/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/git.aaf.systems/privkey.pem;
location / { location / {
proxy_pass http://100.93.165.98:3000; # IMPORTANT: Replace with the correct Tailscale IP for your Gitea server
proxy_pass http://<IP_OF_GITEA_SERVER>:3000;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
@@ -22,4 +20,10 @@ server {
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade"; proxy_set_header Connection "upgrade";
} }
# SSL settings managed by Certbot
ssl_certificate /etc/letsencrypt/live/git.aaf.systems/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/git.aaf.systems/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
} }