worker_processes  1;

events {
	worker_connections  1024;
}

http {
	include			mime.types;
	default_type		application/octet-stream;
	sendfile		on;
	keepalive_timeout	65;
	gzip			on;
	gzip_vary		on;
 	gzip_min_length		1k;
 	gzip_proxied		expired no-cache no-store private auth;
 	gzip_buffers		4 16k;
 	gzip_http_version	1.1;
 	gzip_comp_level		2;
 	gzip_types		text/plain application/x-javascript application/javascript text/css application/xml application/json;

	map $sent_http_content_type $expires {
		default                    off;
		text/css                   15m;
		application/javascript     15m;
		~image/                    15m;
	}

# JOZAN

	server{
		server_name  jozan.org;
		root   /var/www/joe;
		index  index.html;
		expires $expires;

		location / {
			try_files $uri $uri/ =404;
		} 
		location ~ /\.ht {
			deny all;
		}
		location ~ \.cgi$ {
			include		fastcgi_params;
			fastcgi_param   SCRIPT_FILENAME $document_root/asm-example.cgi;
			fastcgi_param   PATH_INFO       $uri;
			fastcgi_param   HTTP_HOST       $server_name;
			fastcgi_pass    unix:/var/run/fcgiwrap/fcgiwrap.sock;
		}
		error_page  403 /403.html;
		location = /403.html {
			root /var/www/joe/err;
		}
		error_page  404 /404.html;
		location = /404.html {
			root /var/www/joe/err;
		}
		error_page   500 502 503 504  /50x.html;
		location = /50x.html {
			root   /usr/local/www/nginx-dist;
		}
	
    listen 443 ssl; # managed by Certbot
    ssl_certificate /usr/local/etc/letsencrypt/live/jozan.org/fullchain.pem; # managed by Certbot
    ssl_certificate_key /usr/local/etc/letsencrypt/live/jozan.org/privkey.pem; # managed by Certbot
    include /usr/local/etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /usr/local/etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}

# GITJOE

	server {
		server_name gitjoe.xyz;
		root /var/www/gitjoe;
		try_files $uri @cgit;
		index cgit.cgi;

		location @cgit {
			include		fastcgi_params;
			fastcgi_param   SCRIPT_FILENAME $document_root/cgit.cgi;
			fastcgi_param   PATH_INFO       $uri;
			fastcgi_param   QUERY_STRING    $args;
			fastcgi_param   HTTP_HOST       $server_name;
			fastcgi_param   CGIT_CONFIG	/usr/local/etc/cgitrc;
			fastcgi_pass    unix:/var/run/fcgiwrap/fcgiwrap.sock;

			gzip off;
			rewrite ^/([^/]+/.*)?$ /cgit.cgi?url=$1 break;
		}
		error_page   500 502 503 504  /50x.html;
		location = /50x.html {
			root   /usr/local/www/nginx-dist;
		}

	listen 443 ssl;

    ssl_certificate /usr/local/etc/letsencrypt/live/jozan.org/fullchain.pem; # managed by Certbot
    ssl_certificate_key /usr/local/etc/letsencrypt/live/jozan.org/privkey.pem; # managed by Certbot
}

# REDIRECT 80 to 443

server{
    if ($host = jozan.org) {
        return 301 https://$host$request_uri;
    }


    if ($host = www.jozanofastora.xyz) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = jozanofastora.xyz) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = www.jozan.org) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    if ($host = gitjoe.xyz) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

	server_name  jozan.org www.jozan.org jozanofastora.xyz www.jozanofastora.xyz gitjoe.xyz;
    listen 80;
    return 404;
}

# REDIRECT 443 to JOZAN 443

server{
	listen 443 ssl;
	server_name www.jozan.org jozanofastora.xyz www.jozanofastora.xyz;
	return 301 $scheme://jozan.org$request_uri;
    ssl_certificate /usr/local/etc/letsencrypt/live/jozan.org/fullchain.pem; # managed by Certbot
    ssl_certificate_key /usr/local/etc/letsencrypt/live/jozan.org/privkey.pem; # managed by Certbot
    include /usr/local/etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /usr/local/etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
}