65 lines
1.4 KiB
Text
65 lines
1.4 KiB
Text
server {
|
|
server_name rc.ari.lt;
|
|
|
|
http2 on;
|
|
listen 80;
|
|
listen [::]:80;
|
|
|
|
limit_req zone=all burst=5 delay=5;
|
|
limit_req zone=allm burst=5 delay=5;
|
|
|
|
include /etc/nginx/snippets.d/paranoia-headers.conf;
|
|
|
|
return 301 https://$server_name$request_uri;
|
|
}
|
|
|
|
server {
|
|
server_name rc.ari.lt;
|
|
|
|
http2 on;
|
|
listen 443 ssl;
|
|
listen [::]:443 ssl;
|
|
|
|
limit_req zone=all burst=15 delay=5;
|
|
limit_req zone=allm burst=15 delay=5;
|
|
|
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
|
|
|
|
ssl_certificate /etc/letsencrypt/live/ari.lt-0001/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/ari.lt-0001/privkey.pem;
|
|
ssl_trusted_certificate /etc/letsencrypt/live/ari.lt-0001/chain.pem;
|
|
include /etc/nginx/snippets.d/ssl.conf;
|
|
|
|
include /etc/nginx/snippets.d/5xx.conf;
|
|
|
|
root /var/www/roundcubemail/;
|
|
|
|
index index.php index.html index.htm index.nginx-debian.html;
|
|
|
|
location / {
|
|
try_files $uri $uri/ =404;
|
|
}
|
|
|
|
location = /robots.txt {
|
|
return 200 "User-Agent: *
|
|
Disallow: /";
|
|
}
|
|
|
|
location ~ \.php$ {
|
|
fastcgi_pass unix:/run/php-fpm.sock;
|
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
include /etc/nginx/snippets.d/fastcgi-params.conf;
|
|
}
|
|
|
|
location ~ /\.ht {
|
|
deny all;
|
|
}
|
|
|
|
location ~ /.well-known {
|
|
allow all;
|
|
}
|
|
|
|
location ~ /\.ht {
|
|
deny all;
|
|
}
|
|
}
|