l websites utils: forceSSL
This commit is contained in:
parent
c0f7f7bab5
commit
e8c4f7c0e4
|
@ -16,11 +16,7 @@ rec {
|
||||||
in {
|
in {
|
||||||
services.nginx.virtualHosts.${domain} = {
|
services.nginx.virtualHosts.${domain} = {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
onlySSL = true;
|
forceSSL = true;
|
||||||
extraConfig = ''
|
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
'';
|
|
||||||
serverAliases = domains;
|
serverAliases = domains;
|
||||||
locations."/".extraConfig = ''
|
locations."/".extraConfig = ''
|
||||||
root /srv/http/${domain};
|
root /srv/http/${domain};
|
||||||
|
@ -87,12 +83,9 @@ rec {
|
||||||
in {
|
in {
|
||||||
services.nginx.virtualHosts."${domain}" = {
|
services.nginx.virtualHosts."${domain}" = {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
onlySSL = true;
|
forceSSL = true;
|
||||||
serverAliases = domains;
|
serverAliases = domains;
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
|
|
||||||
# Add headers to serve security related headers
|
# Add headers to serve security related headers
|
||||||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
|
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
|
||||||
add_header X-Content-Type-Options nosniff;
|
add_header X-Content-Type-Options nosniff;
|
||||||
|
@ -201,12 +194,9 @@ rec {
|
||||||
in {
|
in {
|
||||||
services.nginx.virtualHosts."${domain}" = {
|
services.nginx.virtualHosts."${domain}" = {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
onlySSL = true;
|
forceSSL = true;
|
||||||
serverAliases = domains;
|
serverAliases = domains;
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
listen 80;
|
|
||||||
listen [::]:80;
|
|
||||||
|
|
||||||
root /srv/http/${domain}/;
|
root /srv/http/${domain}/;
|
||||||
index index.php;
|
index index.php;
|
||||||
access_log /tmp/nginx_acc.log;
|
access_log /tmp/nginx_acc.log;
|
||||||
|
|
Loading…
Reference in New Issue
Block a user