generated from nhcarrigan/template
refactor: consolidate pure-redirect server blocks into conf.d/redirects.conf
Moves 12 redirect-only server blocks out of their mixed host files (content, aria, hikari, celestine, support, scheduling, portfolio) and into a dedicated redirects.conf. Deletes the now-empty scheduling.conf and its sites-enabled symlink.
This commit is contained in:
@@ -0,0 +1,151 @@
|
||||
# Pure-redirect virtual hosts — server blocks whose only purpose is a 301/302 to another URL.
|
||||
|
||||
# val.nhcarrigan.com → headpat image
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name val.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/val.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/val.nhcarrigan.com/privkey.pem;
|
||||
|
||||
location / {
|
||||
return 302 https://cdn.nhcarrigan.com/val-headpat.jpg;
|
||||
}
|
||||
}
|
||||
|
||||
# assistant.nhcarrigan.com → cordelia (legacy name)
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name assistant.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/assistant.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/assistant.nhcarrigan.com/privkey.pem;
|
||||
|
||||
location / {
|
||||
return 301 https://cordelia.nhcarrigan.com$uri$is_args$args;
|
||||
}
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
# trans-bot.nhcarrigan.com → aria (legacy name)
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name trans-bot.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/trans.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/trans.nhcarrigan.com/privkey.pem;
|
||||
|
||||
location / {
|
||||
return 301 https://aria.nhcarrigan.com;
|
||||
}
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
# announcements.nhcarrigan.com → hikari /announcements
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name announcements.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/announcements.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/announcements.nhcarrigan.com/privkey.pem;
|
||||
|
||||
return 301 https://hikari.nhcarrigan.com/announcements;
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
# products.nhcarrigan.com → hikari /products
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name products.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/products.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/products.nhcarrigan.com/privkey.pem;
|
||||
|
||||
location / {
|
||||
return 301 https://hikari.nhcarrigan.com/products;
|
||||
}
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
# hooks.nhcarrigan.com → celestine (legacy name)
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name hooks.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/hooks.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/hooks.nhcarrigan.com/privkey.pem;
|
||||
|
||||
location / {
|
||||
return 301 https://celestine.nhcarrigan.com$uri$is_args$args;
|
||||
}
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
# chat.nhcarrigan.com → Discord invite
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name chat.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/chat.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/chat.nhcarrigan.com/privkey.pem;
|
||||
|
||||
location / {
|
||||
return 301 https://discord.gg/KKe7BaEnQB;
|
||||
}
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
# forum.nhcarrigan.com → support (legacy name)
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name forum.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/forum.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/forum.nhcarrigan.com/privkey.pem;
|
||||
|
||||
location / {
|
||||
return 301 https://support.nhcarrigan.com;
|
||||
}
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
# cyc.nhcarrigan.com → zcal scheduling
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name cyc.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/cyc.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/cyc.nhcarrigan.com/privkey.pem;
|
||||
|
||||
return 301 https://zcal.co/nhcarrigan/cyc;
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
# meet.nhcarrigan.com → zcal scheduling
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name meet.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/meet.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/meet.nhcarrigan.com/privkey.pem;
|
||||
|
||||
return 301 https://zcal.co/nhcarrigan/meet;
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
# tasks.nhcarrigan.com → melody
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name tasks.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/tasks.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/tasks.nhcarrigan.com/privkey.pem;
|
||||
|
||||
location / {
|
||||
return 301 https://melody.nhcarrigan.com$uri$is_args$args;
|
||||
}
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
# Wildcard: *.naomi.lgbt → *.nhcarrigan.com
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name ~^(?<subdomain>.+)\.naomi\.lgbt$;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/*.naomi.lgbt/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/*.naomi.lgbt/privkey.pem;
|
||||
|
||||
location / {
|
||||
return 301 https://$subdomain.nhcarrigan.com$request_uri;
|
||||
}
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
@@ -1,4 +1,4 @@
|
||||
# Aria bot, Cordelia AI assistant, trans-related services, and legacy redirects.
|
||||
# Aria bot, Cordelia AI assistant, and trans-related services.
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name aria.nhcarrigan.com;
|
||||
@@ -12,18 +12,6 @@ server {
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name assistant.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/assistant.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/assistant.nhcarrigan.com/privkey.pem;
|
||||
|
||||
location / {
|
||||
return 301 https://cordelia.nhcarrigan.com$uri$is_args$args;
|
||||
}
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name cordelia.nhcarrigan.com;
|
||||
@@ -38,18 +26,6 @@ server {
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name trans-bot.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/trans.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/trans.nhcarrigan.com/privkey.pem;
|
||||
|
||||
location / {
|
||||
return 301 https://aria.nhcarrigan.com;
|
||||
}
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name trans.nhcarrigan.com;
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
# Celestine webhook handler and legacy hooks redirect.
|
||||
# Celestine webhook handler.
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name celestine.nhcarrigan.com;
|
||||
@@ -13,14 +13,3 @@ server {
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name hooks.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/hooks.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/hooks.nhcarrigan.com/privkey.pem;
|
||||
|
||||
location / {
|
||||
return 301 https://celestine.nhcarrigan.com$uri$is_args$args;
|
||||
}
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
@@ -1,16 +1,5 @@
|
||||
# Static content and publishing sites: blog, books, donate, music, secrets, style, testimonials.
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name val.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/val.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/val.nhcarrigan.com/privkey.pem;
|
||||
|
||||
location / {
|
||||
return 302 https://cdn.nhcarrigan.com/val-headpat.jpg;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name blog.nhcarrigan.com;
|
||||
|
||||
@@ -1,14 +1,4 @@
|
||||
# Hikari desktop app (Angular SPA + API backend) and legacy redirect subdomains.
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name announcements.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/announcements.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/announcements.nhcarrigan.com/privkey.pem;
|
||||
|
||||
return 301 https://hikari.nhcarrigan.com/announcements;
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
# Hikari desktop app (Angular SPA + API backend).
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name hikari.nhcarrigan.com;
|
||||
@@ -37,14 +27,3 @@ server {
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name products.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/products.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/products.nhcarrigan.com/privkey.pem;
|
||||
|
||||
location / {
|
||||
return 301 https://hikari.nhcarrigan.com/products;
|
||||
}
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
# Personal portfolio and vanity domains (naomi.lgbt, naomi.party, nhcarrigan.com, nhcarrigan.link, resume)
|
||||
# plus a wildcard catch-all that redirects *.naomi.lgbt → *.nhcarrigan.com.
|
||||
# Personal portfolio and vanity domains (naomi.lgbt, naomi.party, nhcarrigan.com, nhcarrigan.link, resume).
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name naomi.lgbt;
|
||||
@@ -160,16 +159,3 @@ server {
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
# Wildcard catch-all — must remain last so specific subdomains take priority
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name ~^(?<subdomain>.+)\.naomi\.lgbt$;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/*.naomi.lgbt/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/*.naomi.lgbt/privkey.pem;
|
||||
|
||||
location / {
|
||||
return 301 https://$subdomain.nhcarrigan.com$request_uri;
|
||||
}
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
@@ -1,32 +0,0 @@
|
||||
# Scheduling shortcuts that redirect to zcal.co (cyc, meet) and tasks redirect.
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name cyc.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/cyc.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/cyc.nhcarrigan.com/privkey.pem;
|
||||
|
||||
return 301 https://zcal.co/nhcarrigan/cyc;
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name meet.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/meet.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/meet.nhcarrigan.com/privkey.pem;
|
||||
|
||||
return 301 https://zcal.co/nhcarrigan/meet;
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name tasks.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/tasks.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/tasks.nhcarrigan.com/privkey.pem;
|
||||
|
||||
location / {
|
||||
return 301 https://melody.nhcarrigan.com$uri$is_args$args;
|
||||
}
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
@@ -1,28 +1,4 @@
|
||||
# Discourse community support forum and legacy chat/forum redirects.
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name chat.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/chat.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/chat.nhcarrigan.com/privkey.pem;
|
||||
|
||||
location / {
|
||||
return 301 https://discord.gg/KKe7BaEnQB;
|
||||
}
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name forum.nhcarrigan.com;
|
||||
ssl_certificate /etc/letsencrypt/live/forum.nhcarrigan.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/forum.nhcarrigan.com/privkey.pem;
|
||||
|
||||
location / {
|
||||
return 301 https://support.nhcarrigan.com;
|
||||
}
|
||||
include /etc/nginx/snippets/deny-dotfiles.conf;
|
||||
}
|
||||
|
||||
# Discourse community support forum.
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
server_name support.nhcarrigan.com;
|
||||
|
||||
@@ -1 +0,0 @@
|
||||
../sites-available/scheduling.conf
|
||||
Reference in New Issue
Block a user