3 files changed, 67 insertions, 115 deletions
diff --git a/usr/local/etc/cgitrc b/usr/local/etc/cgitrc
index e1ab198..c74366d 100644
--- a/usr/local/etc/cgitrc
+++ b/usr/local/etc/cgitrc
@@ -14,8 +14,8 @@ virtual-root=/
 
 root-title=GitJoe
 root-desc=where the good code belongs
-root-readme=/usr/local/www/cgit/about.html
-footer=/usr/local/www/cgit/footer.html
+root-readme=/usr/local/www/gitjoe/about.html
+footer=/usr/local/www/gitjoe/footer.html
 
 clone-url=git://gitjoe.xyz/$CGIT_REPO_URL
 
@@ -50,8 +50,6 @@ source-filter=/usr/local/lib/cgit/filters/syntax-highlighting-edited.sh
 
 snapshots=tar.gz tar.bz tar.xz
 max-stats=year
-#root-readme=/usr/local/www/cgit/about.htm
-#root-readme=/usr/home/git/repos/about
 
 readme=:README.md
 readme=:readme.md
@@ -82,4 +80,4 @@ readme=:install.txt
 readme=:INSTALL
 readme=:install
 
-scan-path=/usr/local/git
+#scan-path=/usr/local/git
diff --git a/usr/local/etc/gmid.conf b/usr/local/etc/gmid.conf
new file mode 100644
index 0000000..cf7b293
--- /dev/null
+++ b/usr/local/etc/gmid.conf
@@ -0,0 +1,24 @@
+# drop privileges
+user "_gmid"
+
+# it's a good idea to enable chroot, but
+# beware that can make CGI scripting harder
+#chroot "/var/gemini"
+
+# An example of a server block:
+server "jozanofastora.xyz" {
+	# set the directory to serve; it's relative to the
+	# chroot (if enabled)
+	root "/usr/local/gemini"
+
+	# Set self-signed TLS cert and key.  It's better to keep
+	# the keys outside the chroot.
+	#
+	# You should generate them manually, for example:
+	# openssl req -x509 -newkey rsa:4096 -nodes		\
+	#	-out /usr/local/etc/ssl/gmid/localhost.crt	\
+	#	-keyout /usr/local/etc/ssl/gmid/localhost.key	\
+	# 	-subj "/CN=localhost"
+	cert "/usr/local/etc/letsencrypt/live/jozanofastora.xyz/cert.pem"
+	key  "/usr/local/etc/letsencrypt/live/jozanofastora.xyz/privkey.pem"
+}
diff --git a/usr/local/etc/nginx/nginx.conf b/usr/local/etc/nginx/nginx.conf
index cb034ba..acc23ac 100644
--- a/usr/local/etc/nginx/nginx.conf
+++ b/usr/local/etc/nginx/nginx.conf
@@ -26,7 +26,7 @@ http {
 	}
 
 	server{
-		server_name  jozanofastora.xyz www.jozanofastora.xyz;
+		server_name  jozanofastora.xyz;
 		root   /usr/local/www/jozan;
 		index  index.html;
 		expires $expires;
@@ -50,58 +50,14 @@ http {
 			root   /usr/local/www/nginx-dist;
 		}
 	
-
-    listen 443 ssl; # managed by Certbot
-    ssl_certificate /usr/local/etc/letsencrypt/live/git.jozanofastora.xyz/fullchain.pem; # managed by Certbot
-    ssl_certificate_key /usr/local/etc/letsencrypt/live/git.jozanofastora.xyz/privkey.pem; # managed by Certbot
-    include /usr/local/etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
-    ssl_dhparam /usr/local/etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
-
-
-
-}
-
-	server{
-		server_name  gitjoe.xyz www.gitjoe.xyz git.jozanofastora.xyz;
-		expires $expires;
-		root   /usr/local/www/gitjoe;
-		index  index.html;
-
-		location / {
-			try_files $uri $uri/ =404;
-		} 
-		location ~ /\.ht {
-			deny all;
-		}
-		error_page  403 /403.html;
-		location = /403.html {
-			root /usr/local/www/gitjoe/err;
-		}
-		error_page  404 /404.html;
-		location = /404.html {
-			root /usr/local/www/gitjoe/err;
-		}
-		error_page   500 502 503 504  /50x.html;
-		location = /50x.html {
-			root   /usr/local/www/nginx-dist;
-		}
-	
-
-    listen 443 ssl; # managed by Certbot
-    ssl_certificate /usr/local/etc/letsencrypt/live/git.jozanofastora.xyz/fullchain.pem; # managed by Certbot
-    ssl_certificate_key /usr/local/etc/letsencrypt/live/git.jozanofastora.xyz/privkey.pem; # managed by Certbot
-    include /usr/local/etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
-    ssl_dhparam /usr/local/etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
-
-
-
-
-
+	listen 443 ssl;
+	ssl_certificate /usr/local/etc/letsencrypt/live/jozanofastora.xyz/fullchain.pem;
+	ssl_certificate_key /usr/local/etc/letsencrypt/live/jozanofastora.xyz/privkey.pem;
 }
 
 	server {
-		server_name repos.gitjoe.xyz;
-		root /usr/local/www/cgit;
+		server_name gitjoe.xyz;
+		root /usr/local/www/gitjoe;
 		try_files $uri @cgit;
 		index cgit.cgi;
 
@@ -115,7 +71,6 @@ http {
 			fastcgi_pass    unix:/var/run/fcgiwrap/fcgiwrap.sock;
 
 			gzip off;
-			#rewrite ^ https://$server_name$request_uri permanent;
 			rewrite ^/([^/]+/.*)?$ /cgit.cgi?url=$1 break;
 		}
 		error_page   500 502 503 504  /50x.html;
@@ -123,13 +78,9 @@ http {
 			root   /usr/local/www/nginx-dist;
 		}
 
-	
-    listen 443 ssl; # managed by Certbot
-    ssl_certificate /usr/local/etc/letsencrypt/live/git.jozanofastora.xyz/fullchain.pem; # managed by Certbot
-    ssl_certificate_key /usr/local/etc/letsencrypt/live/git.jozanofastora.xyz/privkey.pem; # managed by Certbot
-    include /usr/local/etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
-    ssl_dhparam /usr/local/etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
-
+	listen 443 ssl;
+	ssl_certificate /usr/local/etc/letsencrypt/live/gitjoe.xyz/fullchain.pem;
+	ssl_certificate_key /usr/local/etc/letsencrypt/live/gitjoe.xyz/privkey.pem;
 } 
 
 	server {
@@ -159,80 +110,59 @@ http {
 			scgi_pass 127.0.0.1:12345;
 		}
 	
-
-    listen 443 ssl; # managed by Certbot
-    ssl_certificate /usr/local/etc/letsencrypt/live/git.jozanofastora.xyz/fullchain.pem; # managed by Certbot
-    ssl_certificate_key /usr/local/etc/letsencrypt/live/git.jozanofastora.xyz/privkey.pem; # managed by Certbot
-    include /usr/local/etc/letsencrypt/options-ssl-nginx.conf; # managed by Ce/srvrtbot
-    ssl_dhparam /usr/local/etc/letsencrypt/ssl-dhparams.pem; # managed by Cert/srvbot
-
-	
-}
-
-
-
-server {
-	if ($host = repos.gitjoe.xyz) {
-		return 301 https://$host/?p=about;
-	} # managed by Certbot
-
-
-	listen 80;
-	server_name repos.gitjoe.xyz;
-	return 404; # managed by Certbot
-
-
+	listen 443 ssl;
+	ssl_certificate /usr/local/etc/letsencrypt/live/gitjoe.xyz/fullchain.pem;
+	ssl_certificate_key /usr/local/etc/letsencrypt/live/gitjoe.xyz/privkey.pem;
 }
 
 server{
-	if ($host = git.jozanofastora.xyz) {
-		return 301 https://gitjoe.xyz$request_uri;
-	} # managed by Certbot
-
-	if ($host = www.gitjoe.xyz) {
-		return 301 https://gitjoe.xyz$request_uri;
-	} # managed by Certbot
-
 	if ($host = gitjoe.xyz) {
-		return 301 https://$host$request_uri;
-	} # managed by Certbot
+		return 301 https://$host?p=about;
+	}
 
-	server_name  gitjoe.xyz www.gitjoe.xyz git.jozanofastora.xyz;
+	server_name  gitjoe.xyz;
 	listen 80;
-	return 404; # managed by Certbot
-
-
-
-
+	return 404;
 }
 
 server{
-	if ($host = www.jozanofastora.xyz) {
-		return 301 https://jozanofastora.xyz$request_uri;
-	} # managed by Certbot
-
 	if ($host = jozanofastora.xyz) {
 		return 301 https://$host$request_uri;
-	} # managed by Certbot
-
+	}
 
-	server_name  jozanofastora.xyz www.jozanofastora.xyz;
+	server_name  jozanofastora.xyz;
 	listen 80;
-	return 404; # managed by Certbot
-
-
+	return 404;
 }
 
 server {
 	if ($host = fossil.jozanofastora.xyz) {
 		return 301 https://$host$request_uri;
-	} # managed by Certbot
-
+	}
 
 	server_name fossil.jozanofastora.xyz;
 	listen 80;
-	return 404; # managed by Certbot
+	return 404;
+}
+
+server {
+	server_name  www.jozanofastora.xyz;
+	listen 80;
+	listen 443 ssl;
+	rewrite ^/(.*) http://jozanofastora.xyz/$1 permanent;
+	ssl_certificate /usr/local/etc/letsencrypt/live/jozanofastora.xyz/fullchain.pem;
+	ssl_certificate_key /usr/local/etc/letsencrypt/live/jozanofastora.xyz/privkey.pem;
+	return 404;
+}
 
+server {
 
+	server_name  www.gitjoe.xyz git.jozanofastora.xyz;
+	listen 80;
+	listen 443 ssl;
+	rewrite ^/(.*) http://gitjoe.xyz/?p=about permanent;
+	ssl_certificate /usr/local/etc/letsencrypt/live/gitjoe.xyz/fullchain.pem;
+	ssl_certificate_key /usr/local/etc/letsencrypt/live/gitjoe.xyz/privkey.pem;
+	return 404;
 }
 }