cqrenet/relay
3
0
Fork 0
mirror of https://github.com/chatmail/relay.git synced 2026-05-10 16:04:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

MTA-STS: the HTTPS route needs to be mta-sts.@ not _mta-sts

Browse Source
This commit is contained in:
missytake
2023-11-13 19:05:38 +01:00
parent 5429f3e379
commit a420e37612
1 changed files with 24 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
deploy-chatmail/src/deploy_chatmail/nginx/nginx.conf.j2
View File

@@ -20,8 +20,6 @@ http {
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_certificate /var/lib/acme/live/{{ config.domain_name }}/fullchain;
ssl_certificate_key /var/lib/acme/live/{{ config.domain_name }}/privkey;
gzip on;
@@ -30,6 +28,8 @@ http {
listen [::]:80 default_server;
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
ssl_certificate /var/lib/acme/live/{{ config.domain_name }}/fullchain;
ssl_certificate_key /var/lib/acme/live/{{ config.domain_name }}/privkey;
root /var/www/html;
@@ -37,6 +37,28 @@ http {
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
}
server {
listen 80;
listen [::]:80;
listen 443 ssl;
listen [::]:443 ssl;
root /var/www/html;
index index.html index.htm;
server_name mta-sts.{{ config.domain_name }};
ssl_certificate /var/lib/acme/live/mta-sts.{{ config.domain_name }}/fullchain;
ssl_certificate_key /var/lib/acme/live/mta-sts.{{ config.domain_name }}/privkey;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.