# Öffentlicher HTTPS-VHost — trilogyhub.de (+ optional www) # Mit Cloudflare Tunnel: oft nicht noetig (Tunnel terminiert HTTPS). # Mit Nginx + Let's Encrypt: certbot --nginx -d trilogyhub.de -d www.trilogyhub.de server { server_name trilogyhub.de www.trilogyhub.de; client_max_body_size 30m; location / { proxy_pass http://127.0.0.1:3080; proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_read_timeout 86400; } listen [::]:443 ssl; listen 443 ssl; ssl_certificate /etc/letsencrypt/live/trilogyhub.de/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/trilogyhub.de/privkey.pem; include /etc/letsencrypt/options-ssl-nginx.conf; ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; } server { listen 80; listen [::]:80; server_name trilogyhub.de www.trilogyhub.de; return 301 https://$host$request_uri; }