upstream mnml_http { server 127.0.0.1:40000; } upstream mnml_ws { server 127.0.0.1:40055; } map $http_upgrade $connection_upgrade { default upgrade; '' close; } # DEV server { server_name mnml.gg; gzip on; gzip_vary on; gzip_proxied any; gzip_comp_level 6; gzip_types text/plain text/css text/xml application/json application/javascript application/xml+rss application/atom+xml image/svg+xml; location / { root /var/lib/mnml/public/current; index index.html; try_files $uri $uri/ index.html; } location /imgs/ { root /var/lib/mnml/public/; try_files $uri $uri/ =404; } location /api/ws { proxy_pass http://mnml_ws; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_read_timeout 600s; } location /api/ { proxy_pass http://mnml_http; proxy_read_timeout 600s; } listen [::]:443 ssl ipv6only=on; # managed by Certbot listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/mnml.gg/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/mnml.gg/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { server_name acp.mnml.gg; location / { root /var/lib/mnml/public/current/; index acp.html; try_files $uri $uri/ acp.html; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/mnml.gg/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/mnml.gg/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } # http -> https server { server_name mnml.gg; return 301 https://$host$request_uri; } server { server_name minimal.gg; return 301 https://mnml.gg$request_uri; }