From 8e8ae2ac01cdde753e67ad3cb99da6cbd2be135d Mon Sep 17 00:00:00 2001
From: Zack <zack.scholl@gmail.com>
Date: Sat, 13 Feb 2016 20:23:24 -0500
Subject: [PATCH] Create awwkoala.ssl.nginx

Former-commit-id: 66e408b0515bc0f5b153c86cb6d921e3498b7ab9 [formerly 638216bfa3e3dd8e3fca48deee6c840d179e73f8] [formerly b47acb1d7c4cb2cc0a17e81481010f10139b1293 [formerly 1a2db9ce1cbc14b9817e2720fd28f323d23f25bc]]
Former-commit-id: bfa2b68b933b73de0e5dd4977e5d5fab5b73cedf [formerly 9eee1bb571a0c59a041b78533114a58fcdda7101]
Former-commit-id: ab088f318f7e7bd6c4c0b21a4c740eafb0808f66
---
 letsencrypt/awwkoala.ssl.nginx | 50 ++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)
 create mode 100644 letsencrypt/awwkoala.ssl.nginx

diff --git a/letsencrypt/awwkoala.ssl.nginx b/letsencrypt/awwkoala.ssl.nginx
new file mode 100644
index 0000000..90efeb5
--- /dev/null
+++ b/letsencrypt/awwkoala.ssl.nginx
@@ -0,0 +1,50 @@
+server {
+    listen      80;
+    server_name ADDRESS;
+    rewrite     ^   https://$server_name$request_uri? permanent;
+}
+
+server {
+  # SERVER BLOCK FOR ADDRESS
+  listen   443 ssl;
+  ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
+  ssl_certificate         /etc/letsencrypt/live/ADDRESS/cert.pem; 
+  ssl_certificate_key     /etc/letsencrypt/live/ADDRESS/privkey.pem; 
+
+	access_log /etc/nginx/logs/access-ADDRESS.log;
+	error_log /etc/nginx/logs/error-ADDRESS.log info;
+	root CUR_DIR;
+	server_name ADDRESS;
+
+	# Media: images, icons, video, audio, HTC
+	location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
+		expires 1M;
+		access_log off;
+		add_header Cache-Control "public";
+	}
+
+	# CSS and Javascript
+	location ~* \.(?:css|js)$ {
+		expires 1y;
+		access_log off;
+		add_header Cache-Control "public";
+	}
+
+	location ^~ /static  {
+		try_files $uri $uri/ =404;
+	}
+
+	location ~ ^/ {
+		proxy_set_header X-Real-IP $remote_addr;
+		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+		proxy_set_header Host $http_host;
+		proxy_set_header X-NginX-Proxy true;
+
+		proxy_pass https://127.0.0.1:PORT;
+		proxy_redirect off;
+
+		proxy_http_version 1.1;
+		proxy_set_header Upgrade $http_upgrade;
+		proxy_set_header Connection "upgrade";
+	}
+}