From 76cc4ae336940305715c34745e5d9aab4a9ef074 Mon Sep 17 00:00:00 2001 From: Daniel Micay Date: Thu, 9 Feb 2023 10:12:20 -0500 Subject: [PATCH] avoid unnecessary ACME challenge redirects --- nginx/nginx.conf | 28 +++++++++------------------- 1 file changed, 9 insertions(+), 19 deletions(-) diff --git a/nginx/nginx.conf b/nginx/nginx.conf index bed723e2..d0a42d9c 100644 --- a/nginx/nginx.conf +++ b/nginx/nginx.conf @@ -129,12 +129,18 @@ http { root /var/empty; - return 301 https://$host$request_uri; + location /.well-known/acme-challenge/ { + return 301 http://0.grapheneos.org$request_uri; + } + + location / { + return 301 https://$host$request_uri; + } } server { - listen 443 ssl http2; - listen [::]:443 ssl http2; + listen 80; + listen [::]:80; server_name 0.grapheneos.org; root /var/empty; @@ -158,10 +164,6 @@ http { include snippets/security-headers.conf; add_header Cross-Origin-Resource-Policy "same-origin" always; - location /.well-known/acme-challenge/ { - return 301 https://0.grapheneos.org$request_uri; - } - location / { return 301 https://grapheneos.org$request_uri; } @@ -177,10 +179,6 @@ http { include snippets/security-headers.conf; add_header Cross-Origin-Resource-Policy "same-origin" always; - location /.well-known/acme-challenge/ { - return 301 https://0.grapheneos.org$request_uri; - } - location / { return 302 https://github.com/GrapheneOS/Vanadium; } @@ -407,10 +405,6 @@ http { try_files $uri.html =404; } - location ^~ /.well-known/acme-challenge/ { - return 301 https://0.grapheneos.org$request_uri; - } - location ^~ /fonts/ { include snippets/security-headers.conf; add_header Cross-Origin-Resource-Policy "same-origin" always; @@ -510,10 +504,6 @@ http { location = /.well-known/mta-sts.txt {} - location /.well-known/acme-challenge/ { - return 301 https://0.grapheneos.org$request_uri; - } - location / { return 404; }