From 96f2855276d51aa462a4af53850b0c25fa8f978f Mon Sep 17 00:00:00 2001 From: Anthony Wang Date: Wed, 16 Jun 2021 22:28:04 -0500 Subject: [PATCH] Upgrade everything to ipv6 and http2 --- blog.conf | 3 ++- code.conf | 3 ++- game.conf | 3 ++- gitea.conf | 25 +++++-------------------- office.conf | 3 ++- server.conf | 3 ++- ta180m.conf | 3 ++- wiki.conf | 8 ++++++-- zabbix.conf | 1 + 9 files changed, 24 insertions(+), 28 deletions(-) diff --git a/blog.conf b/blog.conf index ccebdee..07ad534 100644 --- a/blog.conf +++ b/blog.conf @@ -1,5 +1,6 @@ server { - listen 443 ssl; + listen 443 ssl http2; + listen [::]:443 ssl http2; server_name blog.exozy.me; ssl_certificate /etc/letsencrypt/live/exozy.me/fullchain.pem; diff --git a/code.conf b/code.conf index 20b7a9a..7ecdaf5 100644 --- a/code.conf +++ b/code.conf @@ -1,5 +1,6 @@ server { - listen 443 ssl; + listen 443 ssl http2; + listen [::]:443 ssl http2; server_name code.exozy.me; ssl_certificate /etc/letsencrypt/live/exozy.me/fullchain.pem; diff --git a/game.conf b/game.conf index 2e64f99..cda0fe0 100644 --- a/game.conf +++ b/game.conf @@ -1,5 +1,6 @@ server { - listen 443 ssl; + listen 443 ssl http2; + listen [::]:443 ssl http2; server_name game.exozy.me; ssl_certificate /etc/letsencrypt/live/exozy.me/fullchain.pem; diff --git a/gitea.conf b/gitea.conf index a2a82b8..0250828 100644 --- a/gitea.conf +++ b/gitea.conf @@ -1,27 +1,12 @@ server { + listen 443 ssl http2; + listen [::]:443 ssl http2; server_name git.exozy.me; + ssl_certificate /etc/letsencrypt/live/exozy.me/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/exozy.me/privkey.pem; + location / { proxy_pass http://unix:/run/gitea/gitea.socket; } - - listen 443 ssl; # managed by Certbot - ssl_certificate /etc/letsencrypt/live/exozy.me/fullchain.pem; # managed by Certbot - ssl_certificate_key /etc/letsencrypt/live/exozy.me/privkey.pem; # managed by Certbot - include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot - -} -server { - if ($host = git.exozy.me) { - return 301 https://$host$request_uri; - } - # managed by Certbot - - - listen 80; - server_name git.exozy.me; - return 404; # managed by Certbot - - } diff --git a/office.conf b/office.conf index 04f1d18..5c9452a 100644 --- a/office.conf +++ b/office.conf @@ -1,5 +1,6 @@ server { - listen 443 ssl; + listen 443 ssl http2; + listen [::]:443 ssl http2; server_name office.exozy.me; ssl_certificate /etc/letsencrypt/live/exozy.me/fullchain.pem; diff --git a/server.conf b/server.conf index 6feaf06..097198d 100644 --- a/server.conf +++ b/server.conf @@ -1,5 +1,6 @@ server { - listen 443 ssl; + listen 443 ssl http2; + listen [::]:443 ssl http2; server_name server.exozy.me; ssl_certificate /etc/letsencrypt/live/exozy.me/fullchain.pem; diff --git a/ta180m.conf b/ta180m.conf index 9e09e5e..bb61325 100644 --- a/ta180m.conf +++ b/ta180m.conf @@ -1,5 +1,6 @@ server { - listen 443 ssl; + listen 443 ssl http2; + listen [::]:443 ssl http2; server_name ta180m.exozy.me; ssl_certificate /etc/letsencrypt/live/exozy.me/fullchain.pem; diff --git a/wiki.conf b/wiki.conf index 95ab923..8995677 100644 --- a/wiki.conf +++ b/wiki.conf @@ -1,14 +1,18 @@ server { - listen 443; + listen 443 ssl http2; + listen [::]:443 ssl http2; server_name wiki.exozy.me; + ssl_certificate /etc/letsencrypt/live/exozy.me/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/exozy.me/privkey.pem; + root /usr/share/webapps/mediawiki; index index.php; charset utf-8; + # For correct file uploads client_max_body_size 100m; # Equal or more than upload_max_filesize in /etc/php7/php.ini client_body_timeout 60; - include mediawiki.conf; + include mediawiki.conf; } diff --git a/zabbix.conf b/zabbix.conf index 0f75b29..6edee79 100644 --- a/zabbix.conf +++ b/zabbix.conf @@ -1,5 +1,6 @@ server { listen 80; + listen [::]:80; server_name 192.168.1.13; root /srv/http;