nhcarrigan/nginx-configs
9
0
Fork 0
generated from nhcarrigan/template
Code Issues 1 Pull Requests Actions Releases Activity
Files
fc252e28e251cce5b8c2fd2533be045200105c59
nginx-configs/nginx/nginx/sites-available/mommy.conf
T
hikari fc252e28e2
Test nginx configuration / Static Analysis (push) Failing after 4s
Details
Test nginx configuration / nginx Syntax Check (push) Successful in 20s
Details
Security Scan and Upload / Security & DefectDojo Upload (push) Successful in 1m8s
Details
feat: block dotfile requests across all sites 
Adds a deny-dotfiles snippet that returns 403 for any URI matching /\.
(e.g. .gitconfig, .env, .git/) and includes it in every server block.
2026-03-18 11:31:02 -07:00

43 lines
1.2 KiB
Plaintext
Raw Blame History

# Mommy bot suite: mommy-bot Discord bot, mommy-slack Slack bot, mommy web front-end.
server {
listen 443 ssl;
server_name mommy-bot.nhcarrigan.com;
ssl_certificate /etc/letsencrypt/live/mommy-bot.nhcarrigan.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mommy-bot.nhcarrigan.com/privkey.pem;
location / {
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8009;
proxy_redirect off;
}
include /etc/nginx/snippets/deny-dotfiles.conf;
}
server {
listen 443 ssl;
server_name mommy-slack.nhcarrigan.com;
ssl_certificate /etc/letsencrypt/live/mommy-slack.nhcarrigan.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mommy-slack.nhcarrigan.com/privkey.pem;
location / {
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8010;
proxy_redirect off;
}
include /etc/nginx/snippets/deny-dotfiles.conf;
}
server {
listen 443 ssl;
server_name mommy.nhcarrigan.com;
ssl_certificate /etc/letsencrypt/live/mommy.nhcarrigan.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mommy.nhcarrigan.com/privkey.pem;
location / {
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8008;
proxy_redirect off;
}
include /etc/nginx/snippets/deny-dotfiles.conf;
}
Reference in New Issue View Git Blame Copy Permalink