nginx.production.conf 919 Bytes
Newer Older
totte's avatar
totte committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40
upstream gunicorn {
    server gunicorn:8000;
}

server {
    listen 80;
    server_name www.chakralinux.org;

    location / {
        return 301 https://$host$request_uri;
    }
}

server {
    listen 443 ssl;
    server_name www.chakralinux.org;
    ssl_certificate /etc/letsencrypt/live/www.chakralinux.org/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/www.chakralinux.org/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

    location / {
        proxy_pass http://gunicorn;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $host;
        proxy_redirect off;
    }

    location /static/ {
        alias /srv/melange/static/;
    }

    location /media/ {
        alias /srv/melange/media/;
    }

    location /.well-known/acme-challenge/ {
        root /var/www/certbot;
    }
}