This repository has been archived on 2024-03-01. You can view files and clone it, but cannot push or open issues or pull requests.
knut.in/nginx.conf
Knut Ahlers af9c4b7854
HTTPs everything
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2017-02-19 13:29:52 +01:00

90 lines
4.9 KiB
Nginx Configuration File

user nginx;
worker_processes 1;
daemon off;
error_log /dev/stderr warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /dev/stdout main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 30;
gzip on;
gzip_vary on;
gzip_types text/plain text/css application/json application/x-javascript
text/xml application/xml application/xml+rss text/javascript
application/vnd.ms-fontobject application/x-font-ttf
font/opentype image/svg+xml image/x-icon application/javascript;
proxy_cache_path /tmp/cache levels=1:2 keys_zone=s3_cache:10m max_size=512m
inactive=60m use_temp_path=off;
server {
listen 80;
root /opt/webroot;
add_header Pragma public;
add_header Cache-Control "public";
# Recommendations from securityheaders.io
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
add_header Content-Security-Policy "default-src 'none';";
# Recommendations from hstspreload.org
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
# Recommendations from observatory.mozilla.org
add_header Referrer-Policy "no-referrer, strict-origin-when-cross-origin";
# Redirects for services
rewrite ^/\+$ https://google.com/+KnutAhlers redirect;
rewrite ^/500px$ https://500px.com/luziferus redirect;
rewrite ^/bitbucket$ https://bitbucket.org/luzifer redirect;
rewrite ^/blog$ https://ahlers.me/blog/ redirect;
rewrite ^/cv$ https://ahlers.me/static/cv.pdf redirect;
rewrite ^/delicious$ https://del.icio.us/luzifer redirect;
rewrite ^/doodle$ https://doodle.com/knut-ahlers redirect;
rewrite ^/duolingo$ https://www.duolingo.com/Luziferus redirect;
rewrite ^/facebook$ https://www.facebook.com/knut.ahlers redirect;
rewrite ^/fitbit$ https://www.fitbit.com/user/289K54 redirect;
rewrite ^/flickr$ https://www.flickr.com/photos/knut-ahlers/ redirect;
rewrite ^/flinc$ https://www.flinc.org/users/41310 redirect;
rewrite ^/foursquare$ https://de.foursquare.com/luzifer redirect;
rewrite ^/geocaching$ https://www.geocaching.com/profile/?guid=620d30bc-8aa6-463e-8a8c-d1644917753f redirect;
rewrite ^/github$ https://github.com/luzifer redirect;
rewrite ^/goodreads$ https://www.goodreads.com/user/show/7413346-knut redirect;
rewrite ^/instagram$ https://www.instagram.com/luziferus/ redirect;
rewrite ^/lastfm$ https://www.last.fm/de/user/Luziferus redirect;
rewrite ^/linkedin$ https://www.linkedin.com/in/knutahlers redirect;
rewrite ^/postcrossing$ https://www.postcrossing.com/user/luziferus redirect;
rewrite ^/steam$ https://steamcommunity.com/id/luziferus redirect;
rewrite ^/trakt$ https://trakt.tv/users/luzifer redirect;
rewrite ^/twitter$ https://www.twitter.com/luzifer redirect;
rewrite ^/twitch$ https://www.twitch.tv/luziferus redirect;
rewrite ^/wishlist$ https://www.amazon.de/gp/registry/A9MBI81ZSO7Q redirect;
rewrite ^/yelp$ https://luzifer.yelp.de/ redirect;
rewrite ^/youtube$ https://www.youtube.com/user/knutahlers redirect;
# Catch-all: Everything not (yet) defined goes to my own page
rewrite ^.*$ https://ahlers.me/ redirect;
}
}