27 lines
888 B
Text
27 lines
888 B
Text
|
server {
|
||
|
root /var/www/html;
|
||
|
server_name lists.c3lingo.org; # managed by Certbot
|
||
|
|
||
|
listen [::]:443 ssl; # managed by Certbot
|
||
|
listen 443 ssl; # managed by Certbot
|
||
|
|
||
|
ssl_certificate /etc/letsencrypt/live/lists.c3lingo.org/fullchain.pem; # managed by Certbot
|
||
|
ssl_certificate_key /etc/letsencrypt/live/lists.c3lingo.org/privkey.pem; # managed by Certbot
|
||
|
# verify chain of trust of OCSP response using Root CA and Intermediate certs
|
||
|
ssl_trusted_certificate /etc/letsencrypt/live/lists.c3lingo.org/chain.pem;
|
||
|
|
||
|
# HSTS (ngx_http_headers_module is required) (63072000 seconds)
|
||
|
add_header Strict-Transport-Security "max-age=63072000" always;
|
||
|
|
||
|
location /static {
|
||
|
alias /opt/mailman/web/static;
|
||
|
autoindex off;
|
||
|
}
|
||
|
|
||
|
location / {
|
||
|
uwsgi_pass localhost:8080;
|
||
|
include uwsgi_params;
|
||
|
uwsgi_read_timeout 300;
|
||
|
}
|
||
|
}
|