diff --git a/nginx/nginx.conf b/nginx/nginx.conf index a7337574..5f37e1fe 100644 --- a/nginx/nginx.conf +++ b/nginx/nginx.conf @@ -12,6 +12,8 @@ events { } http { + root /var/empty; + include mime.types; default_type application/octet-stream; @@ -111,8 +113,6 @@ http { listen [::]:80; server_name grapheneos.org mta-sts.grapheneos.org www.grapheneos.org grapheneos.app mta-sts.grapheneos.app www.grapheneos.app grapheneos.ca mta-sts.grapheneos.ca www.grapheneos.ca grapheneos.com mta-sts.grapheneos.com www.grapheneos.com grapheneos.dev mta-sts.grapheneos.dev www.grapheneos.dev grapheneos.info mta-sts.grapheneos.info www.grapheneos.info grapheneos.net mta-sts.grapheneos.net www.grapheneos.net grapheneos.ovh mta-sts.grapheneos.ovh www.grapheneos.ovh grapheneos.page mta-sts.grapheneos.page www.grapheneos.page vanadium.app mta-sts.vanadium.app www.vanadium.app mta-sts.mail.grapheneos.org; - root /var/empty; - location /.well-known/acme-challenge/ { return 301 http://0.grapheneos.org$request_uri; } @@ -127,8 +127,6 @@ http { listen [::]:80; server_name 0.grapheneos.org; - root /var/empty; - location /.well-known/acme-challenge/ { root /srv/certbot; } @@ -149,8 +147,6 @@ http { listen [::]:443 ssl http2; server_name www.grapheneos.org grapheneos.app www.grapheneos.app grapheneos.ca www.grapheneos.ca grapheneos.com www.grapheneos.com grapheneos.dev www.grapheneos.dev grapheneos.info www.grapheneos.info grapheneos.net www.grapheneos.net grapheneos.ovh www.grapheneos.ovh grapheneos.page www.grapheneos.page; - root /var/empty; - include snippets/security-headers.conf; add_header Cross-Origin-Resource-Policy "same-origin" always; @@ -164,8 +160,6 @@ http { listen [::]:443 ssl http2; server_name vanadium.app www.vanadium.app; - root /var/empty; - include snippets/security-headers.conf; add_header Cross-Origin-Resource-Policy "same-origin" always; @@ -446,8 +440,6 @@ http { server { listen unix:/run/nginx/status.sock; - root /var/empty; - access_log off; location = / {