Skip to content

Commit e889c71

Browse files
eroruserorus
committed
prep nginx config for letsencrypt acme challenges
1 parent 2b44bf7 commit e889c71

File tree

2 files changed

+25
-3
lines changed

2 files changed

+25
-3
lines changed

letsencrypt.wellknown/.gitignore

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
*
2+
!.gitignore
3+

lighttpd.conf/newsstand.nginx.conf

Lines changed: 22 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ ssl_dhparam /var/newsstand/private/ssl/dhparams.pem;
33
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;
44
ssl_prefer_server_ciphers on;
55
ssl_session_cache shared:SSL:4m;
6-
resolver 4.2.2.1 4.2.2.2 4.2.2.3 4.2.2.4
6+
resolver 4.2.2.1 4.2.2.2 4.2.2.3 4.2.2.4;
77

88
log_not_found off;
99

@@ -23,7 +23,12 @@ server {
2323
listen [2605:9880:0:3::10]:80;
2424
access_log off;
2525
error_log /var/newsstand/logs/error.undermine.log crit;
26-
return 301 https://theunderminejournal.com$request_uri;
26+
location /.well-known/acme-challenge/ {
27+
alias /var/newsstand/letsencrypt.wellknown/;
28+
}
29+
location / {
30+
return 301 https://theunderminejournal.com$request_uri;
31+
}
2732
}
2833

2934
server {
@@ -130,6 +135,9 @@ server {
130135

131136
error_page 404 =301 https://theunderminejournal.com$request_uri;
132137

138+
location /.well-known/acme-challenge/ {
139+
alias /var/newsstand/letsencrypt.wellknown/;
140+
}
133141
location ~ ^/TheUndermineJournal\.zip {
134142
return 301 https://addon.theunderminejournal.com/TheUndermineJournal.zip;
135143
}
@@ -173,6 +181,10 @@ server {
173181
return 301 https://addon.theunderminejournal.com/TheUndermineJournal.zip;
174182
}
175183

184+
location /.well-known/acme-challenge/ {
185+
alias /var/newsstand/letsencrypt.wellknown/;
186+
}
187+
176188
location ~ ^/TheUndermineJournal\.zip {
177189
expires modified 4d;
178190
}
@@ -184,7 +196,14 @@ server {
184196
listen [2605:9880:0:3::11]:80;
185197
access_log off;
186198
error_log /var/newsstand/logs/error.wowtoken.log crit;
187-
return 301 https://wowtoken.info$request_uri;
199+
200+
location /.well-known/acme-challenge/ {
201+
alias /var/newsstand/letsencrypt.wellknown/;
202+
}
203+
204+
location / {
205+
return 301 https://wowtoken.info$request_uri;
206+
}
188207
}
189208

190209
server {

0 commit comments

Comments
 (0)