From be4f4a3da54070d60875fdcb808b535b17c167f2 Mon Sep 17 00:00:00 2001
From: John Cardinal <support@ayanova.com>
Date: Mon, 9 Jul 2018 18:40:24 +0000
Subject: [PATCH]

---
 notes/serverconfig/default.conf | 71 +++++++++++++++++++++++++++++++++
 1 file changed, 71 insertions(+)
 create mode 100644 notes/serverconfig/default.conf

diff --git a/notes/serverconfig/default.conf b/notes/serverconfig/default.conf
new file mode 100644
index 0000000..2d7980b
--- /dev/null
+++ b/notes/serverconfig/default.conf
@@ -0,0 +1,71 @@
+########## allow let's Encrypt on port 80 for all domains
+server {
+  listen 80;
+  listen [::]:80;
+  server_name ~. ;
+
+  location /.well-known/acme-challenge {
+    root /var/www/html;
+    default_type text/plain;
+  }
+
+  location / {
+    return 301 https://$host$uri;
+  }
+}
+
+###################### AyaNova website
+server {
+  listen 443 ssl http2;
+  listen [::]:443 ssl http2;
+  server_name gztechworks.com www.gztechworks.com; # replace with your domain
+  
+  # replace your domain in both paths (subdomains use same cert and path)
+  ssl_certificate /etc/letsencrypt/live/gztechworks.com/fullchain.pem;
+  ssl_certificate_key /etc/letsencrypt/live/gztechworks.com/privkey.pem;
+
+  location / {
+    root         /var/www/html/ayanova.com;
+    index index.htm index.html;
+  }
+}
+
+#################### API site
+server {
+  listen 443 ssl http2;
+  listen [::]:443 ssl http2;
+  server_name api.gztechworks.com; # replace with your domain
+  
+  # replace your domain in both paths (subdomains use same cert)
+  ssl_certificate /etc/letsencrypt/live/gztechworks.com/fullchain.pem;
+  ssl_certificate_key /etc/letsencrypt/live/gztechworks.com/privkey.pem;
+
+  location / {
+    root         /var/www/html/api.ayanova.com;
+    index index.htm index.html;
+  }
+}
+
+
+################### PECKLIST
+server {
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name   peck.gztechworks.com;
+
+    # replace your domain in both paths (subdomains use same cert)
+    ssl_certificate /etc/letsencrypt/live/gztechworks.com/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/gztechworks.com/privkey.pem;
+
+    location / {
+        proxy_pass         http://gztechworks.com:3000;# NOTE Will only work if has domain, localhost will not work, no idea why
+        proxy_http_version 1.1;
+        proxy_set_header   Upgrade $http_upgrade;
+        proxy_set_header   Connection keep-alive;
+        proxy_set_header   Host $host;
+        proxy_cache_bypass $http_upgrade;
+        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header   X-Forwarded-Proto $scheme;
+
+    }
+}