{{header}}
{{title|title=
Nginx
}}
{{#seo:
|description=nginx web server
}}
{{intro|
nginx web server
}}
== Introduction ==
{{stub}}
== /etc/tor/torrc ==
<pre>
HiddenServiceDir /var/lib/tor-instances/onionv3/onionv3/
HiddenServiceVersion 3

## web
HiddenServicePort 80 127.0.0.1:70
</pre>

== /etc/nginx/conf.d/hsts ==
<pre>
## HSTS settings
</pre>

== /etc/nginx/sites-available/00100.conf ==

<pre>
## default_server, apex domain (non-subdomain) or invalid subdomain catch-all

## redirect plaintext clearnet non-subdomain to TLS non-subdomain
server {
  listen 80 default_server;
  listen [::]:80 default_server;
  return 301 https://kicksecure.com$request_uri;
}

## redirect TLS clearnet non-subdomain to TLS www subdomain
server {
  listen 443 ssl http2 default_server;
  listen [::]:443 ssl http2 default_server;

  ssl_certificate /etc/letsencrypt/live/kicksecure.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/kicksecure.com/privkey.pem;
  ssl_trusted_certificate /etc/letsencrypt/live/kicksecure.com/fullchain.pem;
  include /etc/nginx/conf.d/hsts;

  return 301 https://www.kicksecure.com$request_uri;
}

## redirect onion non-subdomain to www subdomain
server {
  listen 127.0.0.1:70;
  server_name w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion;

  return 301 http://www.w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion$request_uri;
}
</pre>

== /etc/nginx/sites-available/www.conf ==

<pre>
## http clearnet port 80 unencrypted listener
server {
  listen 80;
  listen [::]:80;
  server_name www.kicksecure.com;
  return 301 https://www.kicksecure.com$request_uri;
}

## clearnet www
server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  server_name www.kicksecure.com;

  ssl_certificate /etc/letsencrypt/live/kicksecure.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/kicksecure.com/privkey.pem;
  ssl_trusted_certificate /etc/letsencrypt/live/kicksecure.com/fullchain.pem;
  include /etc/nginx/conf.d/hsts;

  more_set_headers "Onion-Location: http://www.w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion$request_uri";

  include /etc/nginx/conf.d/www;
}

## onion www
server {
  listen 127.0.0.1:70;
  server_name www.w5j6stm77zs6652pgsij4awcjeel3eco7kvipheu6mtr623eyyehj4yd.onion;

  more_set_headers "X-Robots-Tag: noindex, nofollow";

  include /etc/nginx/conf.d/www;
}
</pre>

== /etc/nginx/conf.d/www ==
<pre>
## actual nginx config shared among TLS and onion goes here
</pre>

{{footer}}
[[Category:Documentation]]

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.