2023-06-24 21:11:29 +07:00
|
|
|
server {
|
|
|
|
|
|
|
|
server_name www.libsoc.org;
|
|
|
|
|
|
|
|
root /home/server/libsoc/Server/public/;
|
|
|
|
|
|
|
|
add_header alt-svc 'h3=":443"; ma=2592000, h3-23=":443"; ma=86400, h3-29=":443"; ma=2592000';
|
|
|
|
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
|
|
|
|
|
|
|
|
location ~* \.(?:ico|gif|jpe?g|png|svg)$ {
|
|
|
|
expires 1d;
|
|
|
|
add_header Pragma public;
|
|
|
|
add_header Cache-Control "public";
|
|
|
|
}
|
2023-07-30 17:04:15 +07:00
|
|
|
location ~* \.(?:css|js|json|txt)$ {
|
|
|
|
expires 1h;
|
2023-06-24 21:11:29 +07:00
|
|
|
add_header Pragma public;
|
|
|
|
add_header Cache-Control "public";
|
|
|
|
}
|
|
|
|
location ~* \.(?:woff2|woff|ttf)$ {
|
|
|
|
expires max;
|
|
|
|
add_header Pragma public;
|
|
|
|
add_header Cache-Control "public";
|
|
|
|
}
|
2023-07-30 17:04:15 +07:00
|
|
|
|
2023-06-24 21:11:29 +07:00
|
|
|
location /js/ {}
|
|
|
|
location /css {}
|
|
|
|
location /img/ {}
|
|
|
|
location /assets/ {}
|
|
|
|
location /fonts/ {}
|
|
|
|
location /favicon.ico {}
|
|
|
|
location /robots.txt {}
|
2023-07-30 17:04:15 +07:00
|
|
|
location /sitemap.txt {}
|
2023-06-24 21:11:29 +07:00
|
|
|
location ~ /loaderio-58f125137ee61345d68285d88016ce2a {}
|
|
|
|
|
2023-07-30 17:04:15 +07:00
|
|
|
map $request_uri $language_redirect {
|
|
|
|
~^/(check-login|login-post|logout|signup-post|signup-google|change-user|get-user|confirm-email) ""; # Excluded URIs, no redirection
|
|
|
|
~^/([a-zA-Z]{2})/ ""; # Matches URIs that start with a two-letter language code and sets it to an empty string
|
|
|
|
default /en; # Redirects all other URIs to the /en prefix
|
|
|
|
}
|
|
|
|
|
2023-06-24 21:11:29 +07:00
|
|
|
location / {
|
2023-07-30 17:04:15 +07:00
|
|
|
rewrite ^ $language_redirect$request_uri? permanent;
|
|
|
|
proxy_pass http://127.0.0.1:8001;
|
2023-06-24 21:11:29 +07:00
|
|
|
}
|
2023-07-20 17:26:26 +07:00
|
|
|
|
2023-07-30 17:04:15 +07:00
|
|
|
rewrite /en/communities /en/communes permanent;
|
|
|
|
rewrite /en/coops /en/cooperatives permanent;
|
|
|
|
rewrite /en/affiliates /en/partners permanent;
|
|
|
|
|
|
|
|
|
2023-06-24 21:11:29 +07:00
|
|
|
listen 443 http3;
|
|
|
|
listen 443 ssl http2;
|
2023-07-30 17:04:15 +07:00
|
|
|
ssl_certificate /etc/letsencrypt/live/libsoc.org-0001/fullchain.pem; # managed by Certbot
|
|
|
|
ssl_certificate_key /etc/letsencrypt/live/libsoc.org-0001/privkey.pem; # managed by Certbot
|
2023-06-24 21:11:29 +07:00
|
|
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
|
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
|
|
|
|
|
|
ssl_buffer_size 4k;
|
|
|
|
ssl_stapling on;
|
|
|
|
ssl_stapling_verify on;
|
|
|
|
ssl_trusted_certificate /etc/letsencrypt/live/libsoc.org/fullchain.pem;
|
|
|
|
|
|
|
|
resolver 1.1.1.1 1.0.0.1 valid=300s;
|
|
|
|
resolver_timeout 5s;
|
2023-07-30 17:04:15 +07:00
|
|
|
|
2023-06-24 21:11:29 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
server {
|
|
|
|
return 301 https://www.libsoc.org$request_uri;
|
|
|
|
|
|
|
|
server_name libsoc.org;
|
|
|
|
|
|
|
|
listen 443 ssl http2; # managed by Certbot
|
2023-07-30 17:04:15 +07:00
|
|
|
ssl_certificate /etc/letsencrypt/live/libsoc.org-0001/fullchain.pem; # managed by Certbot
|
|
|
|
ssl_certificate_key /etc/letsencrypt/live/libsoc.org-0001/privkey.pem; # managed by Certbot
|
2023-06-24 21:11:29 +07:00
|
|
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
|
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
2023-07-30 17:04:15 +07:00
|
|
|
|
2023-06-24 21:11:29 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
server {
|
|
|
|
|
2023-07-30 17:04:15 +07:00
|
|
|
return 301 https://www.libsoc.org$request_uri;
|
|
|
|
|
|
|
|
listen 80;
|
|
|
|
listen [::]:80;
|
|
|
|
|
|
|
|
server_name www.libsoc.org libsoc.org;
|
2023-06-24 21:11:29 +07:00
|
|
|
|
|
|
|
}
|