avoid unnecessary redirects for ACME challenge

This commit is contained in:
Daniel Micay 2023-02-09 09:53:16 -05:00
parent b85be6c2bb
commit 270cd2ba3f

View File

@ -91,7 +91,13 @@ http {
root /var/empty;
return 301 https://$host$request_uri;
location /.well-known/acme-challenge/ {
root /srv/certbot;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
@ -111,10 +117,6 @@ http {
return 301 https://grapheneos.org/articles/grapheneos-servers#matrix.grapheneos.org;
}
location ^~ /.well-known/acme-challenge/ {
root /srv/certbot;
}
location ~ ^(?:/_matrix|/_synapse/client) {
# remove security headers that are statically set to the strictest possible values below
proxy_hide_header Referrer-Policy;
@ -157,10 +159,6 @@ http {
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Robots-Tag "none" always;
location ^~ /.well-known/acme-challenge/ {
root /srv/certbot;
}
location ~ '\.(?:css|html|ico|js|json|map|svg|txt|wasm|xml)$' {
gzip_static on;
brotli_static on;