containers/nginx-balsillie-net/default.conf

http2 on;
ssl_certificate /usr/share/nginx/ssl/tls.crt;
ssl_certificate_key /usr/share/nginx/ssl/tls.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;

server {
    listen 8080;
    server_name  balsillie.net balsillie.email openpgpkey.balsillie.net openpgpkey.balsillie.email;
    return 301 https://$host$request_uri;
}

server {
    listen 8080 default_server;
    return 444;
}

server {
    listen 8443 ssl;
    server_name balsillie.net;

    location = /michael.vcf {
        default_type application/octet-stream;
        root   /usr/share/nginx/html;
    }

    location = /.well-known/mta-sts.txt {
        default_type application/octet-stream;
        root /usr/share/nginx/html/mta-sts/balsillie_net;
    }

    location /.well-known/host-meta {
        return 301 https://social.balsillie.net$request_uri;
    }

    location /.well-known/webfinger {
        return 301 https://social.balsillie.net$request_uri;
    }

    location /.well-known/nodeinfo {
        return 301 https://social.balsillie.net$request_uri;
    }

    location /.well-known/matrix/ {
        default_type application/json;
        root /usr/share/nginx/html;
    }

    location / {
        return 444;
    }
}

server { 
    listen 8443 ssl;
    server_name balsillie.email;

    location = /.well-known/mta-sts.txt {
        default_type application/octet-stream;
        root /usr/share/nginx/html/mta-sts/balsillie_email;
    }

    location / {
        return 444;
    }
}

server {
    listen 8443 ssl;
    server_name openpgpkey.balsillie.net openpgpkey.balsillie.email;

    location /.well-known/openpgpkey {
        default_type application/octet-stream;
        root /usr/share/nginx/html;
    }

    location / {
        return 444;
    }
}

server {
    listen 8443 ssl default_server;
    ssl_reject_handshake on;
}
working 2024-12-15 00:18:37 -05:00			`http2 on;`
			`ssl_certificate /usr/share/nginx/ssl/tls.crt;`
			`ssl_certificate_key /usr/share/nginx/ssl/tls.key;`
			`ssl_protocols TLSv1.2 TLSv1.3;`
			`ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;`
			`ssl_prefer_server_ciphers on;`
			`ssl_session_cache shared:SSL:10m;`
			`ssl_session_timeout 10m;`

nginx 2024-12-14 02:08:06 -05:00			`server {`
working 2024-12-15 00:18:37 -05:00			`listen 8080;`
			`server_name balsillie.net balsillie.email openpgpkey.balsillie.net openpgpkey.balsillie.email;`
nginx 2024-12-14 15:23:00 -05:00			`return 301 https://$host$request_uri;`
			`}`

			`server {`
working 2024-12-15 00:18:37 -05:00			`listen 8080 default_server;`
			`return 444;`
			`}`

			`server {`
			`listen 8443 ssl;`
nginx 2024-12-14 15:23:00 -05:00			`server_name balsillie.net;`
nginx 2024-12-14 02:08:06 -05:00
working 2024-12-15 00:18:37 -05:00			`location = /michael.vcf {`
			`default_type application/octet-stream;`
			`root /usr/share/nginx/html;`
			`}`

			`location = /.well-known/mta-sts.txt {`
			`default_type application/octet-stream;`
			`root /usr/share/nginx/html/mta-sts/balsillie_net;`
			`}`

			`location /.well-known/host-meta {`
			`return 301 https://social.balsillie.net$request_uri;`
			`}`

			`location /.well-known/webfinger {`
			`return 301 https://social.balsillie.net$request_uri;`
			`}`

			`location /.well-known/nodeinfo {`
			`return 301 https://social.balsillie.net$request_uri;`
			`}`

			`location /.well-known/matrix/ {`
			`default_type application/json;`
			`root /usr/share/nginx/html;`
			`}`

			`location / {`
			`return 444;`
			`}`
			`}`

			`server {`
			`listen 8443 ssl;`
			`server_name balsillie.email;`

			`location = /.well-known/mta-sts.txt {`
			`default_type application/octet-stream;`
			`root /usr/share/nginx/html/mta-sts/balsillie_email;`
			`}`
nginx 2024-12-14 02:08:06 -05:00
			`location / {`
working 2024-12-15 00:18:37 -05:00			`return 444;`
nginx 2024-12-14 02:08:06 -05:00			`}`
working 2024-12-15 00:18:37 -05:00			`}`
nginx 2024-12-14 02:08:06 -05:00
working 2024-12-15 00:18:37 -05:00			`server {`
			`listen 8443 ssl;`
			`server_name openpgpkey.balsillie.net openpgpkey.balsillie.email;`
nginx 2024-12-14 02:08:06 -05:00
working 2024-12-15 00:18:37 -05:00			`location /.well-known/openpgpkey {`
			`default_type application/octet-stream;`
			`root /usr/share/nginx/html;`
			`}`

			`location / {`
			`return 444;`
nginx 2024-12-14 02:08:06 -05:00			`}`
working 2024-12-15 00:18:37 -05:00			`}`
nginx 2024-12-14 02:08:06 -05:00
working 2024-12-15 00:18:37 -05:00			`server {`
			`listen 8443 ssl default_server;`
			`ssl_reject_handshake on;`
nginx 2024-12-14 02:08:06 -05:00			`}`