From d2222d9c2e6f1fc84f9ba94f3bd80d49216e2432 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christer=20War=C3=A9n?= <cwchristerw@gmail.com>
Date: Tue, 9 Sep 2025 15:38:40 +0300
Subject: [PATCH] Enable SSL in Nginx configuration

---
 files/nginx/conf/000-default.conf | 64 +++++++++++++++----------------
 1 file changed, 32 insertions(+), 32 deletions(-)

diff --git a/files/nginx/conf/000-default.conf b/files/nginx/conf/000-default.conf
index 93644d5..45d1b25 100644
--- a/files/nginx/conf/000-default.conf
+++ b/files/nginx/conf/000-default.conf
@@ -19,7 +19,7 @@ server {
         root   /usr/share/nginx/html;
         index  index.html index.htm;
 
-        #return 301 https://$host$request_uri;
+        return 301 https://$host$request_uri;
     }
 
     if ($request_method !~ ^(GET|HEAD|POST)$ )
@@ -28,43 +28,43 @@ server {
     }
 }
 
-# server {
+server {
 
-#     listen  443 ssl default_server;
-#     listen  [::]:443 ssl default_server;
+    listen  443 ssl default_server;
+    listen  [::]:443 ssl default_server;
 
-#     server_name _;
+    server_name _;
 
-#     http2 on;
+    http2 on;
 
-#     ssl_certificate /etc/nginx/certs/pvjjk-1vos-niinisalo/fullchain.pem;
-#     ssl_certificate_key /etc/nginx/certs/pvjjk-1vos-niinisalo/privkey.pem;
-#     ssl_protocols TLSv1.2 TLSv1.3;
-#     ssl_ecdh_curve X25519:prime256v1:secp384r1;
-#     ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305;
-#     ssl_prefer_server_ciphers off;
-#     ssl_session_cache shared:SSL:20m;
-#     ssl_session_timeout 180m;
+    ssl_certificate /etc/nginx/certs/pvjjk-1vos-niinisalo/fullchain.pem;
+    ssl_certificate_key /etc/nginx/certs/pvjjk-1vos-niinisalo/privkey.pem;
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_ecdh_curve X25519:prime256v1:secp384r1;
+    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305;
+    ssl_prefer_server_ciphers off;
+    ssl_session_cache shared:SSL:20m;
+    ssl_session_timeout 180m;
 
-#     ssl_trusted_certificate /etc/nginx/certs/pvjjk-1vos-niinisalo/chain.pem;
+    ssl_trusted_certificate /etc/nginx/certs/pvjjk-1vos-niinisalo/chain.pem;
 
-#     expires off;
-#     etag off;
-#     if_modified_since off;
+    expires off;
+    etag off;
+    if_modified_since off;
 
-#     gzip on;
-#     gzip_min_length 1000;
-#     gzip_proxied any;
-#     gzip_types *;
-#     gunzip on;
+    gzip on;
+    gzip_min_length 1000;
+    gzip_proxied any;
+    gzip_types *;
+    gunzip on;
 
-#     location / {
-#         root   /usr/share/nginx/html;
-#         index  index.html index.htm;
-#     }
+    location / {
+        root   /usr/share/nginx/html;
+        index  index.html index.htm;
+    }
 
-#     if ($request_method !~ ^(GET|HEAD|POST)$ )
-#     {
-#        return 405;
-#     }
-# }
+    if ($request_method !~ ^(GET|HEAD|POST)$ )
+    {
+       return 405;
+    }
+}