diff --git a/docker-compose.yml b/docker-compose.yml index e9feb6e..a8acf23 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,16 +2,11 @@ version: '3.8' services: nginx: - build: - context: . - dockerfile: docker/nginx/Dockerfile + image: nginx:alpine ports: - "80:80" - - "443:443" volumes: - ./docker/nginx:/etc/nginx/conf.d - - ./letsencrypt:/etc/letsencrypt - - ./certbot-www:/var/www/certbot depends_on: - frontend - backend diff --git a/docker/nginx/default.conf b/docker/nginx/default.conf index 78697ec..cf6d704 100644 --- a/docker/nginx/default.conf +++ b/docker/nginx/default.conf @@ -6,40 +6,9 @@ upstream frontend_upstream { server frontend:5173; } -# Редирект с HTTP на HTTPS server { listen 80; server_name itformhelp.ru www.itformhelp.ru; - - location /.well-known/acme-challenge/ { - root /var/www/certbot; - } - - location / { - return 301 https://$host$request_uri; - } -} - -# Основной HTTPS сервер -server { - listen 443 ssl; - http2 on; - server_name itformhelp.ru www.itformhelp.ru; - - ssl_certificate /etc/letsencrypt/live/itformhelp.ru/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/itformhelp.ru/privkey.pem; - - # Дополнительные настройки SSL - ssl_trusted_certificate /etc/letsencrypt/live/itformhelp.ru/chain.pem; - ssl_stapling on; - ssl_stapling_verify on; - resolver 8.8.8.8 8.8.4.4 valid=300s; - resolver_timeout 5s; - - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - add_header X-Frame-Options SAMEORIGIN; - add_header X-Content-Type-Options nosniff; - add_header X-XSS-Protection "1; mode=block"; # Frontend proxy location / { @@ -72,5 +41,5 @@ server { server { listen 80; server_name 185.139.70.62; - return 301 https://itformhelp.ru$request_uri; + return 301 http://itformhelp.ru$request_uri; } \ No newline at end of file