1 files changed, 63 insertions, 0 deletions

diff --git a/roles/lounge/templates/nginx-site-config b/roles/lounge/templates/nginx-site-config
new file mode 100644
index 0000000..cc6aa4d
--- /dev/null
+++ b/roles/lounge/templates/nginx-site-config
@@ -0,0 +1,63 @@
+upstream backend {
+    server 127.0.0.1:9000;
+}
+
+proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=thelounge_cache:10m max_size=3g inactive=120m use_temp_path=off;
+
+
+server {
+	  listen 80;
+	  listen [::]:80;
+	  server_name chat.emacsconf.org;
+
+	  include snippets/well-known-acme-challenge.conf;
+
+	  location /js-licenses.html { root /var/www/{{lounge_domain}}; }
+
+	  location / {
+		    return 302 https://$server_name$request_uri;
+	  }
+}
+
+server {
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name {{lounge_domain}};
+
+	  include /etc/nginx/tls/{{emacsconf_domain}}.conf;
+
+	  location /js-licenses.html { root /var/www/{{lounge_domain}}; }
+    error_page 502 /error.html;
+    location = /error.html {
+        root /var/www/{{lounge_domain}};
+    }
+    location / {
+        proxy_pass http://backend;
+        proxy_http_version 1.1;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_set_header X-Forwarded-Proto $scheme;
+
+        # by default nginx times out connections in one minute
+        proxy_read_timeout 1d;
+    }
+
+}
+
+#server {
+#	listen 443 ssl http2;
+#       listen [::]:443 ssl http2;
+#	server_name chat.emacsconf.org;
+#
+#	include /etc/nginx/tls/emacsconf.org.conf;
+#	root /var/www/chat.emacsconf.org;
+#}
+
+server {
+    listen 80;
+    listen [::]:80;
+    server_name chat.emacsconf.com chat.emacsconf.net;
+
+    return 302 $scheme://{{lounge_domain}}$request_uri;
+}