kris revised this gist . Go to revision
1 file changed, 27 insertions
01-http.conf(file created)
| @@ -0,0 +1,27 @@ | |||
| 1 | + | # Certbot http challenge | |
| 2 | + | # and http to https redirection | |
| 3 | + | ||
| 4 | + | # For http certificate verification | |
| 5 | + | upstream certbot { | |
| 6 | + | server 127.0.0.1:8001; | |
| 7 | + | } | |
| 8 | + | ||
| 9 | + | server { | |
| 10 | + | listen [::]:80; | |
| 11 | + | listen 80; | |
| 12 | + | server_name _; | |
| 13 | + | ||
| 14 | + | location /.well-known/acme-challenge { | |
| 15 | + | proxy_pass http://certbot; | |
| 16 | + | proxy_http_version 1.1; | |
| 17 | + | proxy_set_header Upgrade $http_upgrade; | |
| 18 | + | proxy_set_header Connection "upgrade"; | |
| 19 | + | proxy_set_header Host $host; | |
| 20 | + | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| 21 | + | proxy_set_header X-Forwarded-Proto $scheme; | |
| 22 | + | } | |
| 23 | + | ||
| 24 | + | location / { | |
| 25 | + | return 301 https://$host$request_uri; | |
| 26 | + | } | |
| 27 | + | } | |
Newer
Older