# ----------- use proxmox.coussinet.org to see the Proxmox Dashboard # ---------------- ludovic souliman conteur ------------------------- server { server_name ludovicsouliman.com www.ludovicsouliman.com; listen 80 http2; return 301 https://www.ludovicsouliman.com$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name www.ludovicsouliman.com; ssl_certificate /etc/letsencrypt/live/ludovicsouliman.com-0002/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/ludovicsouliman.com-0002/privkey.pem; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; location / { proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $http_host; # Container tksites proxy_pass https://10.10.10.103; } add_header Permissions-Policy "interest-cohort=()"; } # ---------------- funky framadate ------------------------- server { server_name framadate-api.cipherbliss.com; listen 80 http2; return 301 https://framadate-api.cipherbliss.com$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name framadate-api.cipherbliss.com; ssl_certificate /etc/letsencrypt/live/framadate-api.cipherbliss.com-0001/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/framadate-api.cipherbliss.com-0001/privkey.pem; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; location / { proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $http_host; # Container tksites proxy_pass https://10.10.10.103; } add_header Permissions-Policy "interest-cohort=()"; } # ---------------- qzine fr ------------------------- server { server_name qzine.fr www.qzine.fr; listen 80 http2; return 301 https://qzine.fr$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name qzine.fr; ssl_certificate /etc/letsencrypt/live/qzine.fr-0001/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/qzine.fr-0001/privkey.pem; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; location / { proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $http_host; # Container tksites proxy_pass https://10.10.10.103; } add_header Permissions-Policy "interest-cohort=()"; } # ---------------- club informatique libre gometz org ------------------------- server { server_name cil-gometz.org www.cil-gometz.org; listen 80 http2; return 301 https://www.cil-gometz.org$request_uri; } server { listen 443 http2; listen [::]:443 http2; server_name cil-gometz.org; return 301 https://www.cil-gometz.org$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name www.cil-gometz.org; ssl_certificate /etc/letsencrypt/live/www.cil-gometz.org/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/www.cil-gometz.org/privkey.pem; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; location / { proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $http_host; # Container tksites proxy_pass https://10.10.10.103; } add_header Permissions-Policy "interest-cohort=()"; } # ---------------- la puce à l'oreille fr ------------------------- server { server_name pucealoreille.fr www.pucealoreille.fr; listen 80 http2; return 301 https://www.pucealoreille.fr$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name www.pucealoreille.fr; ssl_certificate /etc/letsencrypt/live/pucealoreille.fr-0001/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/pucealoreille.fr-0001/privkey.pem; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; location / { proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $http_host; # Container tksites proxy_pass https://10.10.10.103; } add_header Permissions-Policy "interest-cohort=()"; } # ---------------- un bec et des ailes fr ------------------------- server { server_name unbecetdesailes.fr www.unbecetdesailes.fr; listen 80 http2; return 301 https://www.unbecetdesailes.fr$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name www.unbecetdesailes.fr; ssl_certificate /etc/letsencrypt/live/unbecetdesailes.fr/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/unbecetdesailes.fr/privkey.pem; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; location / { proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $http_host; # Container tksites proxy_pass https://10.10.10.103; } add_header Permissions-Policy "interest-cohort=()"; } # ---------------- catherine fonder fr ------------------------- server { server_name catherinefonder.fr www.catherinefonder.fr; listen 80 http2; return 301 https://catherinefonder.fr$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name catherinefonder.fr; # /etc/letsencrypt/live/catherinefonder.fr-0001/ ssl_certificate /etc/letsencrypt/live/catherinefonder.fr-0001/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/catherinefonder.fr-0001/privkey.pem; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; location / { proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $http_host; # Container tksites proxy_pass https://10.10.10.103; } add_header Permissions-Policy "interest-cohort=()"; } # ... lafromagerie server { server_name lafromagerie-bsf.com www.lafromagerie-bsf.com; listen 80; return 301 https://lafromagerie-bsf.com$request_uri; } server { listen 443 http2; listen [::]:443 http2; server_name www.lafromagerie-bsf.com; return 301 https://lafromagerie-bsf.com$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name lafromagerie-bsf.com; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; # /etc/letsencrypt/live/lafromagerie-bsf.com-0002 ssl_certificate /etc/letsencrypt/live/lafromagerie-bsf.com-0002/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/lafromagerie-bsf.com-0002/privkey.pem; location / { proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $http_host; # Container tksites proxy_pass https://10.10.10.103; } add_header Permissions-Policy "interest-cohort=()"; } # ... lafromagerie server { server_name lafromagerie-bsf.com www.lafromagerie-bsf.com; listen 80; return 301 https://lafromagerie-bsf.com$request_uri; } server { listen 443 http2; listen [::]:443 http2; server_name www.lafromagerie-bsf.com; return 301 https://lafromagerie-bsf.com$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name lafromagerie-bsf.com; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; # /etc/letsencrypt/live/lafromagerie-bsf.com-0002 ssl_certificate /etc/letsencrypt/live/lafromagerie-bsf.com-0002/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/lafromagerie-bsf.com-0002/privkey.pem; location / { proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $http_host; # Container tksites proxy_pass https://10.10.10.103; } add_header Permissions-Policy "interest-cohort=()"; } # ------------- peertube ---------------------------- server { server_name peertube.cipherbliss.com; listen 80 http2; return 301 https://$host$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name peertube.cipherbliss.com; ssl_certificate /etc/letsencrypt/live/peertube.cipherbliss.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/peertube.cipherbliss.com/privkey.pem; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; location / { proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $http_host; proxy_pass https://10.10.10.101;# Container peertube } add_header Permissions-Policy interest-cohort=(); } # ---------------- tykayn blog ------------------------- server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name tykayn.fr; ssl_certificate /etc/letsencrypt/live/www.tykayn.fr/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/www.tykayn.fr/privkey.pem; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; location / { proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $http_host; # Container tksites proxy_pass https://10.10.10.103; } add_header Permissions-Policy "interest-cohort=()"; } # ------------- peertube ---------------------------- server { server_name peertube.cipherbliss.com; listen 80 http2; return 301 https://$host$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name peertube.cipherbliss.com; ssl_certificate /etc/letsencrypt/live/peertube.cipherbliss.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/peertube.cipherbliss.com/privkey.pem; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; location / { proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $http_host; proxy_pass https://10.10.10.101;# Container peertube } add_header Permissions-Policy interest-cohort=(); } # ---------------- tykayn blog ------------------------- server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name tykayn.fr; ssl_certificate /etc/letsencrypt/live/www.tykayn.fr/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/www.tykayn.fr/privkey.pem; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; location / { proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $http_host; # Container tksites proxy_pass https://10.10.10.103; } add_header Permissions-Policy "interest-cohort=()"; } # --------------- cipherbliss.com blog ------------------ server { server_name cipherbliss.com www.cipherbliss.com; return 301 https://www.cipherbliss.com$request_uri; listen [::]:80; listen 80; } server { listen 443 http2; listen [::]:443 http2; server_name cipherbliss.com; return 301 https://www.cipherbliss.com$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name www.cipherbliss.com; ssl_certificate /etc/letsencrypt/live/www.cipherbliss.com-0001/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/www.cipherbliss.com-0001/privkey.pem; # managed by Certbot # HSTS add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; location / { proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $http_host; # Container tksites proxy_pass https://10.10.10.103; } add_header Permissions-Policy "interest-cohort=()"; } # --------------- portfolio cipherbliss ------------------ server { server_name portfolio.cipherbliss.com; listen 80; return 301 https://portfolio.cipherbliss.com$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name portfolio.cipherbliss.com; ssl_certificate /etc/letsencrypt/live/portfolio.cipherbliss.com-0001/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/portfolio.cipherbliss.com-0001/privkey.pem; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; location / { proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $http_host; # Container tksites proxy_pass https://10.10.10.103; } add_header Permissions-Policy "interest-cohort=()"; } # --------------- mastodon cipherbliss ------------------ server { server_name mastodon.cipherbliss.com; listen 80; return 301 https://mastodon.cipherbliss.com$request_uri; } server { listen 443 http2; listen [::]:443 http2; server_name mastodon.cipherbliss.com; ssl_certificate /etc/letsencrypt/live/mastodon.cipherbliss.com-0001/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/mastodon.cipherbliss.com-0001/privkey.pem; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; client_max_body_size 50M; location / { proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $http_host; # Container tksites proxy_pass https://10.10.10.102; } add_header Permissions-Policy "interest-cohort=()"; } server { if ($host = tykayn.fr) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = www.tykayn.fr) { return 301 https://tykayn.fr$request_uri; } # managed by Certbot server_name tykayn.fr www.tykayn.fr; listen 80; return 404; # managed by Certbot }