From cad123682994c36427a3d7c1f53e504a3699c28e Mon Sep 17 00:00:00 2001
From: root <root@skiqqy.xyz>
Date: Sat, 17 Oct 2020 22:36:39 +0100
Subject: [PATCH] enabled ssl

---
 units/blog  | 20 +++++++++++++++++++-
 units/dblog | 20 +++++++++++++++++++-
 units/dgit  | 20 +++++++++++++++++++-
 units/dirc  | 20 +++++++++++++++++++-
 units/dproj | 20 +++++++++++++++++++-
 units/dwiki | 20 +++++++++++++++++++-
 units/git   | 20 +++++++++++++++++++-
 units/irc   | 20 +++++++++++++++++++-
 units/proj  | 20 +++++++++++++++++++-
 units/wiki  | 20 +++++++++++++++++++-
 10 files changed, 190 insertions(+), 10 deletions(-)

diff --git a/units/blog b/units/blog
index f0964f7..c41080b 100644
--- a/units/blog
+++ b/units/blog
@@ -1,5 +1,4 @@
 server {
-	listen 80;
 	server_name blog.skiqqy.xyz;
 
 	location / {
@@ -9,4 +8,23 @@ server {
 		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 		proxy_set_header X-Forwarded-Proto $scheme;
 	}
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/blog.skiqqy.xyz/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/blog.skiqqy.xyz/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
 }
+server {
+    if ($host = blog.skiqqy.xyz) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+	listen 80;
+	server_name blog.skiqqy.xyz;
+    return 404; # managed by Certbot
+
+
+}
\ No newline at end of file
diff --git a/units/dblog b/units/dblog
index d8db4ca..be1886b 100644
--- a/units/dblog
+++ b/units/dblog
@@ -1,5 +1,4 @@
 server {
-	listen 80;
 	server_name blog.skiqqy.xyz;
 
 	location / {
@@ -9,4 +8,23 @@ server {
 		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 		proxy_set_header X-Forwarded-Proto $scheme;
 	}
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/blog.skiqqy.xyz/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/blog.skiqqy.xyz/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server {
+    if ($host = blog.skiqqy.xyz) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+	listen 80;
+	server_name blog.skiqqy.xyz;
+    return 404; # managed by Certbot
+
+
 }
diff --git a/units/dgit b/units/dgit
index fdb6436..f23971a 100644
--- a/units/dgit
+++ b/units/dgit
@@ -1,5 +1,4 @@
 server {
-	listen 80;
 	server_name git.skiqqy.xyz;
 
 	location / {
@@ -9,4 +8,23 @@ server {
 		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 		proxy_set_header X-Forwarded-Proto $scheme;
 	}
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/skiqqy.xyz/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/skiqqy.xyz/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server {
+    if ($host = git.skiqqy.xyz) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+	listen 80;
+	server_name git.skiqqy.xyz;
+    return 404; # managed by Certbot
+
+
 }
diff --git a/units/dirc b/units/dirc
index 3a0cd12..c3e6aee 100644
--- a/units/dirc
+++ b/units/dirc
@@ -1,5 +1,4 @@
 server {
-	listen 80;
 	server_name irc.skiqqy.xyz;
 
 	location / {
@@ -9,4 +8,23 @@ server {
 		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 		proxy_set_header X-Forwarded-Proto $scheme;
 	}
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/irc.skiqqy.xyz/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/irc.skiqqy.xyz/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server {
+    if ($host = irc.skiqqy.xyz) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+	listen 80;
+	server_name irc.skiqqy.xyz;
+    return 404; # managed by Certbot
+
+
 }
diff --git a/units/dproj b/units/dproj
index 0a901e7..6c6fa1f 100644
--- a/units/dproj
+++ b/units/dproj
@@ -1,5 +1,4 @@
 server {
-	listen 80;
 	server_name proj.skiqqy.xyz;
 
 	location / {
@@ -9,4 +8,23 @@ server {
 		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 		proxy_set_header X-Forwarded-Proto $scheme;
 	}
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/skiqqy.xyz/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/skiqqy.xyz/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server {
+    if ($host = proj.skiqqy.xyz) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+	listen 80;
+	server_name proj.skiqqy.xyz;
+    return 404; # managed by Certbot
+
+
 }
diff --git a/units/dwiki b/units/dwiki
index f21ac23..26bba8b 100644
--- a/units/dwiki
+++ b/units/dwiki
@@ -1,5 +1,4 @@
 server {
-	listen 80;
 	server_name wiki.skiqqy.xyz;
 
 	location / {
@@ -9,4 +8,23 @@ server {
 		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 		proxy_set_header X-Forwarded-Proto $scheme;
 	}
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/skiqqy.xyz/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/skiqqy.xyz/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+server {
+    if ($host = wiki.skiqqy.xyz) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+	listen 80;
+	server_name wiki.skiqqy.xyz;
+    return 404; # managed by Certbot
+
+
 }
diff --git a/units/git b/units/git
index 6a5bcbc..04fef03 100644
--- a/units/git
+++ b/units/git
@@ -1,5 +1,4 @@
 server {
-	listen 80;
 	server_name git.skiqqy.xyz;
 
 	location / {
@@ -9,4 +8,23 @@ server {
 		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 		proxy_set_header X-Forwarded-Proto $scheme;
 	}
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/skiqqy.xyz/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/skiqqy.xyz/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
 }
+server {
+    if ($host = git.skiqqy.xyz) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+	listen 80;
+	server_name git.skiqqy.xyz;
+    return 404; # managed by Certbot
+
+
+}
\ No newline at end of file
diff --git a/units/irc b/units/irc
index baa6a7e..ee2174e 100644
--- a/units/irc
+++ b/units/irc
@@ -1,5 +1,4 @@
 server {
-	listen 80;
 	server_name irc.skiqqy.xyz;
 
 	location / {
@@ -9,4 +8,23 @@ server {
 		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 		proxy_set_header X-Forwarded-Proto $scheme;
 	}
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/irc.skiqqy.xyz/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/irc.skiqqy.xyz/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
 }
+server {
+    if ($host = irc.skiqqy.xyz) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+	listen 80;
+	server_name irc.skiqqy.xyz;
+    return 404; # managed by Certbot
+
+
+}
\ No newline at end of file
diff --git a/units/proj b/units/proj
index a8382d1..d4f422c 100644
--- a/units/proj
+++ b/units/proj
@@ -1,5 +1,4 @@
 server {
-	listen 80;
 	server_name proj.skiqqy.xyz;
 
 	location / {
@@ -9,4 +8,23 @@ server {
 		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 		proxy_set_header X-Forwarded-Proto $scheme;
 	}
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/skiqqy.xyz/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/skiqqy.xyz/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
 }
+server {
+    if ($host = proj.skiqqy.xyz) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+	listen 80;
+	server_name proj.skiqqy.xyz;
+    return 404; # managed by Certbot
+
+
+}
\ No newline at end of file
diff --git a/units/wiki b/units/wiki
index d885e3b..5800266 100644
--- a/units/wiki
+++ b/units/wiki
@@ -1,5 +1,4 @@
 server {
-	listen 80;
 	server_name wiki.skiqqy.xyz;
 
 	location / {
@@ -9,4 +8,23 @@ server {
 		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 		proxy_set_header X-Forwarded-Proto $scheme;
 	}
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/skiqqy.xyz/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/skiqqy.xyz/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
 }
+server {
+    if ($host = wiki.skiqqy.xyz) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+	listen 80;
+	server_name wiki.skiqqy.xyz;
+    return 404; # managed by Certbot
+
+
+}
\ No newline at end of file