From b475029897166a36fc7d8c7809090d983f919581 Mon Sep 17 00:00:00 2001 From: Nick Lamicela Date: Tue, 24 Dec 2024 19:13:18 +0000 Subject: [PATCH] commit site.conf --- site.conf | 66 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 66 insertions(+) create mode 100644 site.conf diff --git a/site.conf b/site.conf new file mode 100644 index 0000000..a519445 --- /dev/null +++ b/site.conf @@ -0,0 +1,66 @@ +# https://palmure.fr/blog.html#default-https-but-only-for-recent-browsers + +# +# +# Require all denied +# +# + +# +# SSLEngine on +# Include /etc/letsencrypt/options-ssl-apache.conf +# SSLCertificateFile /etc/letsencrypt/live/klay.gay/fullchain.pem +# SSLCertificateKeyFile /etc/letsencrypt/live/klay.gay/privkey.pem +# +# Require all denied +# +# + + + ServerName nycki.net + SSLEngine on + Include /etc/letsencrypt/options-ssl-apache.conf + + Header always add Strict-Transport-Security: "max-age=31536000; includeSubDomains; preload;" + + + Header always add Vary: Upgrade-Insecure-Requests + Redirect / https://nycki.net + + + + DocumentRoot /data/nycki.net/site +ErrorDocument 404 404.html + + + Options FollowSymLinks MultiViews + Require all granted + + SSLCertificateFile /etc/letsencrypt/live/klay.gay/fullchain.pem +SSLCertificateKeyFile /etc/letsencrypt/live/klay.gay/privkey.pem + + + + ServerName rss.nycki.net + SSLEngine on + Include /etc/letsencrypt/options-ssl-apache.conf + + ProxyPass http://localhost:8400/ + + SSLCertificateFile /etc/letsencrypt/live/klay.gay/fullchain.pem +SSLCertificateKeyFile /etc/letsencrypt/live/klay.gay/privkey.pem + + + + ServerName git.nycki.net + SSLEngine on + Include /etc/letsencrypt/options-ssl-apache.conf + + # https://stackoverflow.com/a/9933890/3821202 + AllowEncodedSlashes NoDecode + + ProxyPass http://localhost:8500/ nocanon + + SSLCertificateFile /etc/letsencrypt/live/klay.gay/fullchain.pem +SSLCertificateKeyFile /etc/letsencrypt/live/klay.gay/privkey.pem +