diff --git a/nginx/nginx-prod/nginx-prod.conf b/nginx/nginx-prod/nginx-prod.conf index c0b6fc0..ab21f96 100644 --- a/nginx/nginx-prod/nginx-prod.conf +++ b/nginx/nginx-prod/nginx-prod.conf @@ -17,11 +17,11 @@ http { } } - # server { - # listen 80; - # server_name *.sprinthub.ru; - # return 301 https://$host$request_uri; - # } + server { + listen 80; + server_name *.sprinthub.ru; + return 301 https://$host$request_uri; + } server { listen 443 ssl http2; @@ -42,25 +42,6 @@ http { } } - server { - listen 443 ssl http2; - listen [::]:443 ssl http2; - server_name youtrack.sprinthub.ru; - - ssl_certificate /etc/nginx/fullchain.pem; - ssl_certificate_key /etc/nginx/privkey.pem; - - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-XSS-Protection "1; mode=block" always; - add_header X-Content-Type-Options "nosniff" always; - add_header Referrer-Policy "no-refferer-when-downgrade" always; - add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always; - - location / { - proxy_pass http://youtrack.sprinthub.ru:1231/; - } - } - server { listen 443 ssl http2; listen [::]:443 ssl http2; @@ -214,23 +195,4 @@ http { } } - server { - listen 80; - server_name ~^(?.*)\.sprinthub\.ru$; - - resolver 127.0.0.11 ipv6=off; - - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-XSS-Protection "1; mode=block" always; - add_header X-Content-Type-Options "nosniff" always; - add_header Referrer-Policy "no-refferer-when-downgrade" always; - add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-For $remote_addr; - location / { - proxy_pass http://$domain-nginx:1238$request_uri; - } - } - }