update vhost templates: use of includes

6 years ago · 8b2236a66f
1 changed files with 5 additions and 22 deletions
--- a/27
+++ b/27
@ -1,5 +1,4 @@
 # redirect http to https
-
 server  {
         listen  [::]:80;
         server_name {{ second_domains }};
@ -7,31 +6,17 @@ server  {
 }

 # conf for https
-
 server  {
        listen  [::]:443;
        server_name  {{ second_domains }};

-
-# conf for LE ACME
-        location ~ /.well-known/acme-challenge/ {
-                default_type "text/plain";
-                root         /var/lib/acme/challenges ;
-                }
-        location = /.well-known/acme-challenge/ {
-                return 404;
-                }
+        include /etc/nginx/includes/le-acme.conf;
+        include /etc/nginx/includes/ssl.conf ;
+        include /etc/nginx/includes/add-headers.conf ;

 # TLS conf
- ssl on;
- ssl_certificate /etc/nginx/sites/{{ main_domain }}/{{ main_domain }}.chained;
- ssl_certificate_key /etc/nginx/sites/{{ main_domain }}/{{ main_domain }}.key;
- ssl_session_timeout 5m;
- ssl_prefer_server_ciphers on;
- add_header Strict-Transport-Security max-age=2678400;
- ssl_dhparam /etc/nginx/dh4096.pem;
- ssl_session_cache shared:SSL:50m;
-
+        ssl_certificate /etc/nginx/sites/{{ main_domain }}/{{ main_domain }}.chained;
+        ssl_certificate_key /etc/nginx/sites/{{ main_domain }}/{{ main_domain }}.key;

 # reverse proxy
        location / {
@ -42,5 +27,3 @@ server  {
                proxy_set_header X-Forwarded-Ssl on;
                }
 }
-
-