1 fichiers modifiés avec 5 ajouts et 3 suppressions
+ 5
- 3
templates/nginx-vhost.conf.j2
Voir le fichier
| @@ -8,6 +8,11 @@ server { | |||||
| listen 80; | listen 80; | ||||
| listen [::]:80; | listen [::]:80; | ||||
| server_name {{nextcloud_server_names|join(' ')}}; | server_name {{nextcloud_server_names|join(' ')}}; | ||||
| location /.well-known/acme-challenge { | |||||
| default_type "text/plain"; | |||||
| root /var/www/default; | |||||
| } | |||||
| # enforce https | # enforce https | ||||
| return 301 https://$server_name:443$request_uri; | return 301 https://$server_name:443$request_uri; | ||||
| @@ -18,9 +23,6 @@ server { | |||||
| listen [::]:443 ssl http2; | listen [::]:443 ssl http2; | ||||
| server_name {{nextcloud_server_names|join(' ')}}; | server_name {{nextcloud_server_names|join(' ')}}; | ||||
| # Use Mozilla's guidelines for SSL/TLS settings | |||||
| # https://mozilla.github.io/server-side-tls/ssl-config-generator/ | |||||
| # NOTE: some settings below might be redundant | |||||
| ssl_certificate /etc/ssl/certs/{{nextcloud_server_names|first}}.fullchain.pem; | ssl_certificate /etc/ssl/certs/{{nextcloud_server_names|first}}.fullchain.pem; | ||||
| ssl_certificate_key /etc/ssl/private/{{nextcloud_server_names|first}}.key.pem; | ssl_certificate_key /etc/ssl/private/{{nextcloud_server_names|first}}.key.pem; | ||||