# HTTP on :9080 (optional: redirect to HTTPS :9443) server { listen 9080; server_name labunix.xyz www.labunix.xyz 10.50.0.1; # If you want redirect to HTTPS on :9443: return 301 https://$host:443$request_uri; # If you prefer serving plain HTTP instead, comment the return above # and uncomment this: # root /srv/www/labunix/public; # index index.html; # location / { try_files $uri $uri/ =404; } } # HTTPS on :9443 server { listen 443 ssl; http2 on; server_name labunix.xyz www.labunix.xyz 10.50.0.1; root /srv/www/labunix/public; index index.html; ssl_certificate /etc/letsencrypt/live/labunix.xyz/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/labunix.xyz/privkey.pem; add_header Onion-Location "http://l6xtdi33ubszm2gswstchrb6o4d6aw3ewj2irexlsbzk6pvesky7p2ad.onion$request_uri" always; location / { try_files $uri $uri/ =404; } location /stats/ { alias /srv/stats/; index goaccess.html; allow 127.0.0.1; allow 10.50.0.0/24; allow 192.168.33.0/24; deny all; } location ~* \.(css|js|png|jpg|jpeg|gif|svg|webp|ico|woff2?)$ { expires 30d; add_header Cache-Control "public, max-age=2592000, immutable"; try_files $uri =404; } }