53 lines
1.6 KiB
Plaintext
53 lines
1.6 KiB
Plaintext
limit_req_zone $binary_remote_addr zone=mylimit:10m rate=10r/s;
|
|
|
|
server {
|
|
listen 80 default_server;
|
|
server_name secretbee.buzz;
|
|
limit_req zone=mylimit burst=20;
|
|
|
|
location / {
|
|
return 301 https://$host$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
listen [::]:443 ssl http2;
|
|
server_name secretbee.buzz;
|
|
|
|
limit_req zone=mylimit burst=20;
|
|
|
|
root /var/www;
|
|
|
|
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
|
|
|
ssl_certificate /etc/letsencrypt/live/secretbee.buzz/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/secretbee.buzz/privkey.pem;
|
|
ssl_protocols TLSv1.2 TLSv1.3;
|
|
ssl_ciphers HIGH:!aNULL:!MD5;
|
|
|
|
location /.well-known/matrix/server {
|
|
default_type application/json;
|
|
add_header Access-Control-Allow-Origin "*";
|
|
return 200 '{"m.server": "matrix.secretbee.buzz:443"}';
|
|
}
|
|
|
|
location /.well-known/matrix/client {
|
|
default_type application/json;
|
|
add_header Access-Control-Allow-Origin "*";
|
|
return 200 '{"m.homeserver": {"base_url": "https://matrix.secretbee.buzz"}, "org.matrix.msc3575.proxy": {"url": "https://matrix.secretbee.buzz"}}';
|
|
}
|
|
|
|
# Matrix Support contact information (MSC1929)
|
|
location /.well-known/matrix/support {
|
|
default_type application/json;
|
|
add_header Access-Control-Allow-Origin "*";
|
|
return 200 '{"contacts": [{"matrix_id": "@admin:secretbee.buzz", "email_address": "admin@server.name", "role": "m.role.admin"}]}';
|
|
}
|
|
|
|
location / {
|
|
default_type "text/html";
|
|
try_files $uri $uri.html $uri/index.html index.html;
|
|
}
|
|
}
|