server { listen 80; listen [::]:80; server_name localhost; # Redirect HTTP to HTTPS return 301 https://$host$request_uri; } server { # SSL configuration # listen 443 ssl; listen [::]:443; ssl_certificate /etc/letsencrypt/live/wiki.castanedo.es/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/wiki.castanedo.es/privkey.pem; # managed by Certbot # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; root /var/www/moodle; # Add index.php to the list if you are using PHP index index.php index.html index.htm; server_name localhost; access_log /var/log/nginx/moodle-access.log; error_log /var/log/nginx/moodle-error.log; # Activate HSTS (HTTP Strict Transport Security) # Note: reinclude if in a location a header is set include snippets/hsts.conf; # Allow favicon.ico, robots.txt, .well-known/ # Deny *.txt, *.log, .*/*.php, .*, *.json, .lock, *.ht include snippets/allowed.conf; include snippets/denied.conf; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_index index.php; fastcgi_pass unix:/run/php/php7.2-fpm.sock; include fastcgi_params; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } }