[miniflux] Configure nginx.

diff --git a/miniflux/rss.conf b/miniflux/rss.conf
new file mode 100644 (file)
index 0000000..dbe0a09
--- /dev/null
+++ b/miniflux/rss.conf
@@ -0,0 +1,39 @@
+# Copyright (c) 2024 Jakub Czajka <jakub@ekhem.eu.org>
+# License: GPL-3.0 or later.
+
+server {
+    server_name  rss.${private_domain};
+
+    listen       [::]:443 ssl http2;
+    listen       443 ssl http2;
+
+    ssl_certificate ${private_ssl_cert_dir}/fullchain.pem;
+    ssl_certificate_key ${private_ssl_cert_dir}/privkey.pem;
+
+    ssl_client_certificate ${ca_dir}/ca.pem;
+    ssl_verify_client on;
+
+    root ${prod_dir}/${rss};
+
+    location / {
+        proxy_pass http://127.0.0.1:4080;
+        proxy_redirect off;
+        proxy_set_header Host ${dollar}host;
+        proxy_set_header X-Real-IP ${dollar}remote_addr;
+        proxy_set_header X-Forwarded-For ${dollar}proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto ${dollar}scheme;
+    }
+}
+
+server {
+    server_name  rss.${private_domain};
+
+    listen       [::]:80;
+    listen       80;
+
+    if (${dollar}host = rss.${private_domain}) {
+        return 301 https://${dollar}host${dollar}request_uri;
+    }
+
+    return 404;
+}