Now, rather than urls of the form: domain.com/blog/something.html my website has urls of the form domain.com/blog/something/ Inside the something folder, there are gmi, html and md index files. Nginx will try to serve an appropriate file based on the requested content type. Gemini will also use the same folder structure, serving the gmi file.
102 lines
4.9 KiB
Text
102 lines
4.9 KiB
Text
include mime.types
|
|
|
|
types {
|
|
text/markdown md;
|
|
}
|
|
|
|
|
|
map $http_accept $file_suffix {
|
|
default "html";
|
|
~*pdf "pdf";
|
|
~*md "md";
|
|
~*markdown "md";
|
|
~*html "html";
|
|
~*gemini "gmi";
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
server_name localhost;
|
|
|
|
|
|
add_header X-Content-Type-Options "nosniff" always;
|
|
add_header Content-Security-Policy "default-src 'none'; img-src 'self'; style-src 'self' https://commento.jonathanh.co.uk; script-src https://commento.jonathanh.co.uk; connect-src ws://commento.jonathanh.co.uk https://commento.jonathanh.co.uk;" always;
|
|
add_header Referrer-Policy "no-referrer" always;
|
|
add_header Permissions-Policy "accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=(), clipboard-read=(), clipboard-write=(), gamepad=(), speaker-selection=(), conversion-measurement=(), focus-without-user-activation=(), hid=(), idle-detection=(), serial=(), sync-script=(), trust-token-redemption=(), vertical-scroll=(), interest-cohort=()" always;
|
|
add_header x-card "curl -L jn.hn/card" always;
|
|
server_tokens off;
|
|
|
|
location / {
|
|
# Result of change from .html to /
|
|
rewrite ^/tag/zsh.html$ /tag/zsh/ permanent;
|
|
rewrite ^/tag/fzf.html$ /tag/fzf/ permanent;
|
|
rewrite ^/tag/mutt.html$ /tag/mutt/ permanent;
|
|
rewrite ^/tag/security.html$ /tag/security/ permanent;
|
|
rewrite ^/tag/firefox.html$ /tag/firefox/ permanent;
|
|
rewrite ^/tag/security_advice.html$ /tag/security/ permanent;
|
|
rewrite ^/tag/linux.html$ /tag/linux/ permanent;
|
|
rewrite ^/tag/websites.html$ /tag/websites/ permanent;
|
|
rewrite ^/tag/pentesting.html$ /tag/pentesting/ permanent;
|
|
rewrite ^/tag/vim.html$ /tag/vim/ permanent;
|
|
rewrite ^/tag/home_assistant.html$ /tag/home_assistant/ permanent;
|
|
rewrite ^/blog/freelance-business-security.html$ /blog/freelance-business-security/ permanent;
|
|
rewrite ^/blog/wordpress-username-enumeration.html$ /blog/wordpress-username-enumeration/ permanent;
|
|
rewrite ^/blog/mutt-setup.html$ /blog/mutt-setup/ permanent;
|
|
rewrite ^/blog/building-a-zsh-prompt.html$ /blog/building-a-zsh-prompt/ permanent;
|
|
rewrite ^/blog/exchange-mutt.html$ /blog/exchange-mutt/ permanent;
|
|
rewrite ^/blog/fuzzy-search-hashcat-modes.html$ /blog/fuzzy-search-hashcat-modes/ permanent;
|
|
rewrite ^/blog/tools-that-make-my-life-easier.html$ /blog/tools-that-make-my-life-easier/ permanent;
|
|
rewrite ^/blog/outlook-mutt.html$ /blog/outlook-mutt/ permanent;
|
|
rewrite ^/blog/upgrading-reverse-shells.html$ /blog/upgrading-reverse-shells/ permanent;
|
|
rewrite ^/blog/current-word-completion.html$ /blog/current-word-completion/ permanent;
|
|
rewrite ^/blog/keyboard-driven-firefox.html$ /blog/keyboard-driven-firefox/ permanent;
|
|
rewrite ^/blog/why-i-made-the-switch-to-zsh.html$ /blog/why-i-made-the-switch-to-zsh/ permanent;
|
|
rewrite ^/blog/starting-out-with-homeassistant.html$ /blog/starting-out-with-homeassistant/ permanent;
|
|
rewrite ^/blog/the-switch-to-zsh.html$ /blog/the-switch-to-zsh/ permanent;
|
|
rewrite ^/blog/xss-through-referer-header.html$ /blog/xss-through-referer-header/ permanent;
|
|
rewrite ^/blog/my-setup-jan-2021.html$ /blog/my-setup-jan-2021/ permanent;
|
|
rewrite ^/blog/writing-prose-in-vim.html$ /blog/writing-prose-in-vim/ permanent;
|
|
|
|
rewrite ^/tag/security_advice/?$ /tag/security/ permanent;
|
|
|
|
root /usr/share/nginx/html;
|
|
index index.html index.htm;
|
|
}
|
|
|
|
location /assets {
|
|
alias /usr/share/nginx/assets;
|
|
}
|
|
|
|
#error_page 404 /404.html;
|
|
|
|
# redirect server error pages to the static page /50x.html
|
|
#
|
|
error_page 500 502 503 504 /50x.html;
|
|
location = /50x.html {
|
|
root /usr/share/nginx/html;
|
|
}
|
|
|
|
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
|
|
#
|
|
#location ~ \.php$ {
|
|
# proxy_pass http://127.0.0.1;
|
|
#}
|
|
|
|
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
|
|
#
|
|
#location ~ \.php$ {
|
|
# root html;
|
|
# fastcgi_pass 127.0.0.1:9000;
|
|
# fastcgi_index index.php;
|
|
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
|
|
# include fastcgi_params;
|
|
#}
|
|
|
|
# deny access to .htaccess files, if Apache's document root
|
|
# concurs with nginx's one
|
|
#
|
|
#location ~ /\.ht {
|
|
# deny all;
|
|
#}
|
|
}
|
|
|