# ./acme.sh --issue --standalone --httpport 9999 -d forum_dev.warage.win --certpath /etc/letsencrypt/live/forum_dev.warage.win/cert.pem --keypath /etc/letsencrypt/live/forum_dev.warage.win/privkey.pem --fullchainpath /etc/letsencrypt/live/forum_dev.warage.win/fullchain.pem; # --force #server{ # listen 80; # server_name forum_dev.warage.win; # include acme_http; #} #server{ # listen 80; # server_name forum_dev.warage.win; # return 301 https://forum_dev.warage.win$request_uri; #} ## because cert by cloudflare server{ #listen 443 ssl http2; listen 80; root /var/www/forum_dev; index index.php index.html; server_name forum_dev.warage.win; #ssl_certificate /etc/letsencrypt/live/forum_dev.warage.win/fullchain.pem; #ssl_certificate_key /etc/letsencrypt/live/forum_dev.warage.win/privkey.pem; #ssl_dhparam /etc/letsencrypt/live/forum_dev.warage.win/dhparams.pem; #ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #ssl_prefer_server_ciphers on; #ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'; #ssl_session_timeout 10m; #add_header Strict-Transport-Security "max-age=31536000;"; charset utf-8; underscores_in_headers on; access_log /var/www/ok_forum_dev_warage_win.log; error_log /var/www/err_forum_dev_warage_win.log; gzip on; gzip_vary on; gzip_comp_level 6; gzip_min_length 1024; gzip_proxied any; gzip_types text/plain text/css image/svg+xml image/svg application/json application/javascript application/x-javascript text/*; gzip_buffers 16 8k; #add_header X-Frame-Options "DENY"; location ~* \.tpl$ { access_log off; error_log off; return 403; } location ~* \.sql$ { access_log off; error_log off; return 403; } location /css/ { root /var/www/forum_dev_warage_win/stc; try_files $uri $uri/ =404; expires max; access_log off; error_log off; } location /js/ { root /var/www/forum_dev_warage_win/stc; try_files $uri $uri/ =404; expires max; access_log off; error_log off; } location /img/ { root /var/www/forum_dev_warage_win/stc; try_files $uri $uri/ =404; expires max; access_log off; error_log off; } # ws location /ws { access_log off; proxy_pass http://127.0.0.1:5000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_read_timeout 86400s; proxy_send_timeout 86400s; proxy_set_header HOST $host; # $http_host proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location / { ##try_files $uri $uri/ =404; try_files $uri $uri/ @python; ##try_files @python @python; ##try_files $uri @python @python; access_log off; } location @python { proxy_set_header HOST $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_pass http://127.0.0.1:5000; } }