Installing Linux nginx config in prod install
This commit is contained in:
Stephan Oeste
@@ -1,4 +1,4 @@
|
||||
user nobody;
|
||||
user __NGINX_USER__;
|
||||
pid /var/run/nginx.pid;
|
||||
|
||||
worker_processes auto;
|
||||
@@ -10,11 +10,11 @@ events {
|
||||
}
|
||||
|
||||
http {
|
||||
# DNS servers for on-demand recursive resolver
|
||||
# DNS servers for on-demand resolution, change if desired
|
||||
resolver 8.8.8.8;
|
||||
|
||||
# include default mime types
|
||||
include /usr/local/etc/nginx/mime.types;
|
||||
include __NGINX_ETC_FOLDER__/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
# HTTP basic configuration
|
||||
@@ -32,9 +32,13 @@ http {
|
||||
# MEMPOOL.NINJA
|
||||
server {
|
||||
# clearnet v4/v6
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
server_name mempool.ninja;
|
||||
#listen 443 ssl http2;
|
||||
#listen [::]:443 ssl http2;
|
||||
server_name _;
|
||||
|
||||
# tor v3
|
||||
listen 127.0.0.1:81;
|
||||
set $onion "__NGINX_MEMPOOL_ONION__";
|
||||
|
||||
# for services from mempool.space like contributors on about page
|
||||
set $mempoolSpaceServices "https://mempool.space";
|
||||
@@ -52,30 +56,24 @@ http {
|
||||
set $esploraTestnet "http://esplora-bitcoin-testnet";
|
||||
set $esploraSignet "http://esplora-bitcoin-signet";
|
||||
|
||||
# tor v3
|
||||
listen 127.0.0.1:81;
|
||||
set $onion "mempoolhqx4isw62xs7abwphsq7ldayuidyx2v2oethdhhj6mlo2r6ad";
|
||||
|
||||
# filesystem paths
|
||||
root /mempool/public_html/mainnet/;
|
||||
access_log /var/log/nginx/mempool-access.log;
|
||||
error_log /var/log/nginx/mempool-error.log;
|
||||
|
||||
# ssl configuration
|
||||
ssl_certificate /usr/local/etc/letsencrypt/live/mempool.ninja/fullchain.pem;
|
||||
ssl_certificate_key /usr/local/etc/letsencrypt/live/mempool.ninja/privkey.pem;
|
||||
include /usr/local/etc/letsencrypt/options-ssl-nginx.conf;
|
||||
ssl_dhparam /usr/local/etc/letsencrypt/ssl-dhparams.pem;
|
||||
|
||||
# site configuration
|
||||
include mempool/production/nginx/server-mempool.conf;
|
||||
}
|
||||
# BISQ.NINJA
|
||||
server {
|
||||
# clearnet v4/v6
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
server_name bisq.ninja;
|
||||
#listen 443 ssl http2;
|
||||
#listen [::]:443 ssl http2;
|
||||
server_name _;
|
||||
|
||||
# tor v3
|
||||
listen 127.0.0.1:82;
|
||||
set $onion "__NGINX_BISQ_ONION__";
|
||||
|
||||
# for services from mempool.space like contributors on about page
|
||||
set $mempoolSpaceServices "https://mempool.space";
|
||||
@@ -86,30 +84,24 @@ http {
|
||||
# for blockstream/esplora daemon, see upstream-esplora.conf
|
||||
set $esploraMainnet "http://esplora-bitcoin-mainnet";
|
||||
|
||||
# tor v3
|
||||
listen 127.0.0.1:82;
|
||||
set $onion "bisqmktse2cabavbr2xjq7xw3h6g5ottemo5rolfcwt6aly6tp5fdryd";
|
||||
|
||||
# filesystem paths
|
||||
root /mempool/public_html/bisq/;
|
||||
access_log /var/log/nginx/bisq-access.log;
|
||||
error_log /var/log/nginx/bisq-error.log;
|
||||
|
||||
# ssl configuration
|
||||
ssl_certificate /usr/local/etc/letsencrypt/live/bisq.ninja/fullchain.pem;
|
||||
ssl_certificate_key /usr/local/etc/letsencrypt/live/bisq.ninja/privkey.pem;
|
||||
include /usr/local/etc/letsencrypt/options-ssl-nginx.conf;
|
||||
ssl_dhparam /usr/local/etc/letsencrypt/ssl-dhparams.pem;
|
||||
|
||||
# site configuration
|
||||
include mempool/production/nginx/server-bisq.conf;
|
||||
}
|
||||
# LIQUID.PLACE
|
||||
server {
|
||||
# clearnet v4/v6
|
||||
listen 443 ssl http2;
|
||||
listen [::]:443 ssl http2;
|
||||
server_name liquid.place;
|
||||
#listen 443 ssl http2;
|
||||
#listen [::]:443 ssl http2;
|
||||
server_name _;
|
||||
|
||||
# tor v3
|
||||
listen 127.0.0.1:83;
|
||||
set $onion "__NGINX_LIQUID_ONION__";
|
||||
|
||||
# for services from mempool.space like contributors on about page
|
||||
set $mempoolSpaceServices "https://mempool.space";
|
||||
@@ -122,36 +114,12 @@ http {
|
||||
set $esploraMainnet "http://esplora-liquid-mainnet";
|
||||
set $esploraTestnet "http://esplora-liquid-testnet";
|
||||
|
||||
# tor v3
|
||||
listen 127.0.0.1:83;
|
||||
set $onion "liquidmom47f6s3m53ebfxn47p76a6tlnxib3wp6deux7wuzotdr6cyd";
|
||||
|
||||
# filesystem paths
|
||||
root /mempool/public_html/liquid/;
|
||||
access_log /var/log/nginx/liquid-access.log;
|
||||
error_log /var/log/nginx/liquid-error.log;
|
||||
|
||||
# ssl configuration
|
||||
ssl_certificate /usr/local/etc/letsencrypt/live/liquid.place/fullchain.pem;
|
||||
ssl_certificate_key /usr/local/etc/letsencrypt/live/liquid.place/privkey.pem;
|
||||
include /usr/local/etc/letsencrypt/options-ssl-nginx.conf;
|
||||
ssl_dhparam /usr/local/etc/letsencrypt/ssl-dhparams.pem;
|
||||
|
||||
# site configuration
|
||||
include mempool/production/nginx/server-liquid.conf;
|
||||
}
|
||||
# HTTP to HTTPS redirect
|
||||
server {
|
||||
# clearnet v4/v6
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name _;
|
||||
|
||||
# only redirect for our hosted domains
|
||||
if ($host ~ "^(mempool.ninja|bisq.ninja|liquid.place)$")
|
||||
{
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
return 503;
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user