# SeCuRiTy server { server_name _; return 302 https://$host$request_uri; listen 80; } # jibby.org server { server_name jibby.org; location / { access_log off; proxy_set_header Host jibby.org; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #proxy_set_header X-Scheme $scheme; #proxy_set_header X-Forwarded-Proto $scheme; #proxy_set_header X-Nginx-Scheme $scheme; #proxy_set_header X-Forwarded-Port $server_port; #proxy_redirect off; proxy_pass https://192.168.69.1:443; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/jibby.org/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/jibby.org/privkey.pem; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } # *.jibby.org server { server_name ~^(?.+)\.jibby\.org$; location / { access_log off; proxy_set_header Host $subdomain.jibby.org; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #proxy_set_header X-Scheme $scheme; #proxy_set_header X-Forwarded-Proto $scheme; #proxy_set_header X-Nginx-Scheme $scheme; #proxy_set_header X-Forwarded-Port $server_port; #proxy_redirect off; # For proxmox proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_read_timeout 86400; proxy_pass https://192.168.69.1:443; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/jibby.org-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/jibby.org-0001/privkey.pem; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot }