diff --git a/apache2/php-fpm/public.stpl b/apache2/php-fpm/public.stpl
new file mode 100644
index 0000000..22357ed
--- /dev/null
+++ b/apache2/php-fpm/public.stpl
@@ -0,0 +1,41 @@
+#=======================================================================#
+# Default Web Domain Template #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
+#=======================================================================#
+
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %sdocroot%/public
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ #SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ AllowOverride All
+
+
+ AllowOverride All
+ SSLRequireSSL
+ Options +Includes -Indexes +ExecCGI
+
+ SSLEngine on
+ SSLVerifyClient none
+ SSLCertificateFile %ssl_crt%
+ SSLCertificateKeyFile %ssl_key%
+ %ssl_ca_str%SSLCertificateChainFile %ssl_ca%
+
+
+ SetHandler "proxy:%backend_lsnr%|fcgi://localhost"
+
+ SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+ IncludeOptional %home%/%user%/conf/web/%domain%/%web_system%.ssl.conf_*
+
+
+
diff --git a/apache2/php-fpm/public.tpl b/apache2/php-fpm/public.tpl
new file mode 100644
index 0000000..d41c31e
--- /dev/null
+++ b/apache2/php-fpm/public.tpl
@@ -0,0 +1,38 @@
+#=======================================================================#
+# Default Web Domain Template #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
+#=======================================================================#
+
+
+
+ ServerName %domain_idn%
+ %alias_string%
+ ServerAdmin %email%
+ DocumentRoot %docroot%/public
+ ScriptAlias /cgi-bin/ %home%/%user%/web/%domain%/cgi-bin/
+ Alias /vstats/ %home%/%user%/web/%domain%/stats/
+ Alias /error/ %home%/%user%/web/%domain%/document_errors/
+ #SuexecUserGroup %user% %group%
+ CustomLog /var/log/%web_system%/domains/%domain%.bytes bytes
+ CustomLog /var/log/%web_system%/domains/%domain%.log combined
+ ErrorLog /var/log/%web_system%/domains/%domain%.error.log
+
+ IncludeOptional %home%/%user%/conf/web/%domain%/apache2.forcessl.conf*
+
+
+ AllowOverride All
+
+
+ AllowOverride All
+ Options +Includes -Indexes +ExecCGI
+
+
+
+ SetHandler "proxy:%backend_lsnr%|fcgi://localhost"
+
+ SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
+
+ IncludeOptional %home%/%user%/conf/web/%domain%/%web_system%.conf_*
+
+
+
diff --git a/nginx/filerun.stpl b/nginx/filerun.stpl
new file mode 100644
index 0000000..29906e0
--- /dev/null
+++ b/nginx/filerun.stpl
@@ -0,0 +1,46 @@
+#=======================================================================#
+# Default Web Domain Template #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
+#=======================================================================#
+
+
+server {
+ listen %ip%:%proxy_ssl_port% ssl http2;
+ listen [::]:%proxy_ssl_port% ssl http2;
+ server_name %domain_idn% %alias_idn%;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ ssl_stapling on;
+ ssl_stapling_verify on;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
+
+ location / {
+ proxy_pass http://127.0.1.1:8030;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+# root %sdocroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass http://127.0.1.1:8030;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
+}
+
diff --git a/nginx/filerun.tpl b/nginx/filerun.tpl
new file mode 100644
index 0000000..31d1673
--- /dev/null
+++ b/nginx/filerun.tpl
@@ -0,0 +1,43 @@
+#=======================================================================#
+# Default Web Domain Template #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
+#=======================================================================#
+
+
+server {
+ listen %ip%:%proxy_port% ;
+ listen [::]:%proxy_port%;
+ server_name %domain_idn% %alias_idn%;
+
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*;
+
+ location / {
+ proxy_pass http://127.0.0.1:8010;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %sdocroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass http://127.0.0.1:8010;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
+}
+
diff --git a/nginx/gitea.stpl b/nginx/gitea.stpl
new file mode 100644
index 0000000..6f994fe
--- /dev/null
+++ b/nginx/gitea.stpl
@@ -0,0 +1,46 @@
+#=======================================================================#
+# Default Web Domain Template #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
+#=======================================================================#
+
+
+server {
+ listen %ip%:%proxy_ssl_port% ssl http2;
+ listen [::]:%proxy_ssl_port% ssl http2;
+ server_name %domain_idn% %alias_idn%;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ ssl_stapling on;
+ ssl_stapling_verify on;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
+
+ location / {
+ proxy_pass http://127.0.1.1:5320;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+# root %sdocroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass http://127.0.1.1:5320;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
+}
+
diff --git a/nginx/gitea.tpl b/nginx/gitea.tpl
new file mode 100644
index 0000000..31d1673
--- /dev/null
+++ b/nginx/gitea.tpl
@@ -0,0 +1,43 @@
+#=======================================================================#
+# Default Web Domain Template #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
+#=======================================================================#
+
+
+server {
+ listen %ip%:%proxy_port% ;
+ listen [::]:%proxy_port%;
+ server_name %domain_idn% %alias_idn%;
+
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*;
+
+ location / {
+ proxy_pass http://127.0.0.1:8010;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %sdocroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass http://127.0.0.1:8010;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
+}
+
diff --git a/nginx/jiji.stpl b/nginx/jiji.stpl
new file mode 100644
index 0000000..17464cb
--- /dev/null
+++ b/nginx/jiji.stpl
@@ -0,0 +1,47 @@
+#=======================================================================#
+# Default Web Domain Template #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
+#=======================================================================#
+map $http_upgrade $connection_upgrade {
+ default upgrade;
+ '' close;
+}
+
+server {
+ listen %ip%:%proxy_ssl_port% ssl http2;
+ listen [::]:%proxy_ssl_port% ssl http2;
+ server_name %domain_idn% %alias_idn%;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ ssl_stapling on;
+ ssl_stapling_verify on;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
+
+ client_max_body_size 80m;
+
+ location / {
+ proxy_pass http://127.0.1.1:3003;
+ proxy_set_header Host $host;
+ proxy_http_version 1.1;
+ proxy_redirect off;
+
+
+ # For WebSocket
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection $connection_upgrade;
+
+ }
+
+
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
+}
+
diff --git a/nginx/jiji.tpl b/nginx/jiji.tpl
new file mode 100644
index 0000000..d657828
--- /dev/null
+++ b/nginx/jiji.tpl
@@ -0,0 +1,39 @@
+#=========================================================================#
+# Default Web Domain Template #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
+# https://docs.hestiacp.com/admin_docs/web.html#how-do-web-templates-work #
+#=========================================================================#
+
+server {
+ listen %ip%:%proxy_port%;
+ server_name %domain_idn% %alias_idn%;
+
+ include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*;
+
+ location / {
+ proxy_pass http://%ip%:%web_port%;
+ location ~* ^.+\.(%proxy_extensions%)$ {
+ root %docroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass http://%ip%:%web_port%;
+ }
+
+ location ~ /\.(?!well-known\/|file) {
+ deny all;
+ return 404;
+ }
+
+ include %home%/%user%/conf/web/%domain%/nginx.conf_*;
+}
+
diff --git a/nginx/mail.stpl b/nginx/mail.stpl
new file mode 100644
index 0000000..69d1ae8
--- /dev/null
+++ b/nginx/mail.stpl
@@ -0,0 +1,40 @@
+#=======================================================================#
+# Default Web Domain Template #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
+#=======================================================================#
+
+
+server {
+ listen %ip%:%proxy_ssl_port% ssl http2;
+ listen [::]:%proxy_ssl_port% ssl http2;
+ server_name %domain_idn% %alias_idn%;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ ssl_stapling on;
+ ssl_stapling_verify on;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
+
+ location / {
+ proxy_pass https://127.0.0.1:8020;
+ proxy_set_header Host $http_host;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_redirect off;
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
+}
+
diff --git a/nginx/mail.tpl b/nginx/mail.tpl
new file mode 100644
index 0000000..31d1673
--- /dev/null
+++ b/nginx/mail.tpl
@@ -0,0 +1,43 @@
+#=======================================================================#
+# Default Web Domain Template #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
+#=======================================================================#
+
+
+server {
+ listen %ip%:%proxy_port% ;
+ listen [::]:%proxy_port%;
+ server_name %domain_idn% %alias_idn%;
+
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*;
+
+ location / {
+ proxy_pass http://127.0.0.1:8010;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %sdocroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass http://127.0.0.1:8010;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
+}
+
diff --git a/nginx/matrix.stpl b/nginx/matrix.stpl
new file mode 100644
index 0000000..2dfdfee
--- /dev/null
+++ b/nginx/matrix.stpl
@@ -0,0 +1,45 @@
+#=======================================================================#
+# Default Web Domain Template #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
+#=======================================================================#
+
+
+server {
+ listen %ip%:%proxy_ssl_port% ssl http2;
+ listen 8448 ssl default_server;
+ server_name %domain_idn% %alias_idn%;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ ssl_stapling on;
+ ssl_stapling_verify on;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
+
+ root %sdocroot%;
+ # Enable gzip but do not remove ETag headers
+ gzip on;
+ gzip_vary on;
+ gzip_comp_level 4;
+ gzip_min_length 256;
+ gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
+ gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
+ location /.well-known/matrix/client {
+ return 200 '{"m.homeserver": {"base_url": "https://im.kernel.ws"}}';
+ default_type application/json;
+ add_header Access-Control-Allow-Origin *;
+ }
+ location ~* ^(\/_matrix|\/_synapse) {
+ proxy_pass http://localhost:8008;
+ proxy_set_header X-Forwarded-For $remote_addr;
+ # Nginx by default only allows file uploads up to 1M in size
+ # Increase client_max_body_size to match max_upload_size defined in homeserver.yaml
+ }
+ location /admin/ {
+ proxy_pass http://localhost:8100/;
+ proxy_set_header X-Forwarded-For $remote_addr;
+ }
+
+ include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
+}
+
diff --git a/nginx/matrix.tpl b/nginx/matrix.tpl
new file mode 100644
index 0000000..3e08844
--- /dev/null
+++ b/nginx/matrix.tpl
@@ -0,0 +1,42 @@
+#=======================================================================#
+# Default Web Domain Template #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
+#=======================================================================#
+
+
+server {
+ listen %ip%:%proxy_port% ;
+ server_name %domain_idn% %alias_idn%;
+
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
+
+ location / {
+ proxy_pass http://127.0.0.1:8010;
+ location ~* ^.+\.(%proxy_extentions%)$ {
+ root %sdocroot%;
+ access_log /var/log/%web_system%/domains/%domain%.log combined;
+ access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
+ expires max;
+ try_files $uri @fallback;
+ }
+ }
+
+ location /error/ {
+ alias %home%/%user%/web/%domain%/document_errors/;
+ }
+
+ location @fallback {
+ proxy_pass http://127.0.0.1:8010;
+ }
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
+}
+
diff --git a/nginx/misskey.stpl b/nginx/misskey.stpl
new file mode 100644
index 0000000..39c4fad
--- /dev/null
+++ b/nginx/misskey.stpl
@@ -0,0 +1,47 @@
+#=======================================================================#
+# Default Web Domain Template #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
+#=======================================================================#
+map $http_upgrade $connection_upgrade {
+ default upgrade;
+ '' close;
+}
+
+server {
+ listen %ip%:%proxy_ssl_port% ssl http2;
+ listen [::]:%proxy_ssl_port% ssl http2;
+ server_name %domain_idn% %alias_idn%;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ ssl_stapling on;
+ ssl_stapling_verify on;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+ include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
+
+ client_max_body_size 80m;
+
+ location / {
+ proxy_pass http://127.0.1.1:3000;
+ proxy_set_header Host $host;
+ proxy_http_version 1.1;
+ proxy_redirect off;
+
+
+ # For WebSocket
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection $connection_upgrade;
+
+ }
+
+
+
+ location ~ /\.ht {return 404;}
+ location ~ /\.svn/ {return 404;}
+ location ~ /\.git/ {return 404;}
+ location ~ /\.hg/ {return 404;}
+ location ~ /\.bzr/ {return 404;}
+
+ include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
+}
+
diff --git a/nginx/misskey.tpl b/nginx/misskey.tpl
new file mode 100644
index 0000000..9fe897b
--- /dev/null
+++ b/nginx/misskey.tpl
@@ -0,0 +1,9 @@
+server {
+ listen %ip%:%proxy_port%;
+ listen [::]:%proxy_port%;
+ server_name %domain_idn% %alias_idn%;
+ location / {
+ rewrite ^(.*) https://%domain_idn%$1 permanent;
+ }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}
diff --git a/nginx/pleroma.stpl b/nginx/pleroma.stpl
new file mode 100644
index 0000000..0156e1b
--- /dev/null
+++ b/nginx/pleroma.stpl
@@ -0,0 +1,64 @@
+#=======================================================================#
+# Default Web Domain Template #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
+#=======================================================================#
+
+
+# this is explicitly IPv4 since Pleroma.Web.Endpoint binds on IPv4 only
+# and `localhost.` resolves to [::0] on some systems: see issue #930
+upstream phoenix {
+ server 127.0.0.1:4004 max_fails=5 fail_timeout=60s;
+}
+
+
+server {
+ listen %ip%:%proxy_ssl_port% ssl http2;
+ server_name %domain_idn% %alias_idn%;
+ ssl_certificate %ssl_pem%;
+ ssl_certificate_key %ssl_key%;
+ ssl_stapling on;
+ ssl_stapling_verify on;
+ error_log /var/log/%web_system%/domains/%domain%.error.log error;
+
+
+ keepalive_timeout 70;
+ sendfile on;
+ client_max_body_size 80m;
+
+
+ gzip_vary on;
+ gzip_proxied any;
+ gzip_comp_level 6;
+ gzip_buffers 16 8k;
+ gzip_http_version 1.1;
+ gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/activity+json application/atom+xml;
+
+
+ ignore_invalid_headers off;
+
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "upgrade";
+ proxy_set_header Host $http_host;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+ location / {
+ proxy_pass http://phoenix;
+ }
+
+ location ~ ^/(media|proxy) {
+
+ slice 1m;
+ proxy_cache_key $host$uri$is_args$args$slice_range;
+ proxy_set_header Range $slice_range;
+ proxy_cache_valid 200 206 301 304 1h;
+ proxy_cache_lock on;
+ proxy_ignore_client_abort on;
+ proxy_buffering on;
+ chunked_transfer_encoding on;
+ proxy_pass http://phoenix;
+ }
+
+ include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
+}
+
diff --git a/nginx/pleroma.tpl b/nginx/pleroma.tpl
new file mode 100644
index 0000000..851ac0d
--- /dev/null
+++ b/nginx/pleroma.tpl
@@ -0,0 +1,8 @@
+server {
+ listen %ip%:%proxy_port%;
+ server_name %domain_idn% %alias_idn%;
+ location / {
+ rewrite ^(.*) https://%domain_idn%$1 permanent;
+ }
+include %home%/%user%/conf/web/*nginx.%domain_idn%.conf_letsencrypt;
+}