generated from nhcarrigan/template
fc252e28e2
Adds a deny-dotfiles snippet that returns 403 for any URI matching /\. (e.g. .gitconfig, .env, .git/) and includes it in every server block.
34 lines
929 B
Plaintext
34 lines
929 B
Plaintext
# Vitalia app: Angular front-end SPA and API backend.
|
|
server {
|
|
listen 443 ssl;
|
|
server_name vitalia-api.nhcarrigan.com;
|
|
ssl_certificate /etc/letsencrypt/live/vitalia.nhcarrigan.com/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/vitalia.nhcarrigan.com/privkey.pem;
|
|
|
|
location / {
|
|
proxy_set_header Host $host;
|
|
proxy_pass http://127.0.0.1:12345;
|
|
proxy_redirect off;
|
|
}
|
|
include /etc/nginx/snippets/deny-dotfiles.conf;
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name vitalia.nhcarrigan.com;
|
|
ssl_certificate /etc/letsencrypt/live/vitalia.nhcarrigan.com/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/vitalia.nhcarrigan.com/privkey.pem;
|
|
|
|
root /home/naomi/vitalia/client/dist/client/browser;
|
|
|
|
location / {
|
|
index index.html;
|
|
try_files $uri $uri/ /index.html;
|
|
}
|
|
|
|
location ~* \.(js|css)$ {
|
|
try_files $uri $uri/ @rewrite;
|
|
}
|
|
include /etc/nginx/snippets/deny-dotfiles.conf;
|
|
}
|