From f1531333ef646f4877ae8c2c2a7b12f146b528c7 Mon Sep 17 00:00:00 2001
From: zino <marlon.maschkiwitz@4players.io>
Date: Tue, 5 Dec 2023 17:53:44 +0100
Subject: [PATCH] m

---
 volumes/conf.d/code.zinomedia.de.conf         |  2 +-
 .../validate.vouch.armos.zinomedia.de.conf    | 32 +++++++++++++++++++
 volumes/conf.d/vouch.armos.zinomedia.de.conf  |  3 +-
 3 files changed, 34 insertions(+), 3 deletions(-)
 create mode 100644 volumes/conf.d/validate.vouch.armos.zinomedia.de.conf

diff --git a/volumes/conf.d/code.zinomedia.de.conf b/volumes/conf.d/code.zinomedia.de.conf
index a0a424c..5b69636 100644
--- a/volumes/conf.d/code.zinomedia.de.conf
+++ b/volumes/conf.d/code.zinomedia.de.conf
@@ -1,6 +1,6 @@
 server {
     listen 443 ssl;
-    #listen [::]:443 ssl;
+    listen [::]:443 ssl;
     server_name code.zinomedia.de;
 
     access_log off;
diff --git a/volumes/conf.d/validate.vouch.armos.zinomedia.de.conf b/volumes/conf.d/validate.vouch.armos.zinomedia.de.conf
new file mode 100644
index 0000000..1797169
--- /dev/null
+++ b/volumes/conf.d/validate.vouch.armos.zinomedia.de.conf
@@ -0,0 +1,32 @@
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+    server_name validate.vouch.armos.zinomedia.de;
+
+    access_log off;
+    error_log /var/log/nginx/error.log error;
+
+    ssl_certificate /etc/letsencrypt/live/validate.vouch.armos.zinomedia.de/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/validate.vouch.armos.zinomedia.de/privkey.pem;
+
+    # SSL Optimizations
+    #ssl_protocols TLSv1.2 TLSv1.3;
+    #ssl_session_cache shared:SSL:10m;
+    #ssl_session_timeout 10m;
+
+    #add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+
+    location / {
+        resolver 127.0.0.11;
+        set $upstream "http://vouch:9090/validate";
+        proxy_set_header Host $http_host;
+        proxy_pass $upstream;
+    }
+}
+
+server {
+    listen 80;
+    listen [::]:80;
+    server_name validate.vouch.armos.zinomedia.de;
+    return 301 https://$host$request_uri;
+}
\ No newline at end of file
diff --git a/volumes/conf.d/vouch.armos.zinomedia.de.conf b/volumes/conf.d/vouch.armos.zinomedia.de.conf
index f5dbf21..fea9f58 100644
--- a/volumes/conf.d/vouch.armos.zinomedia.de.conf
+++ b/volumes/conf.d/vouch.armos.zinomedia.de.conf
@@ -19,9 +19,8 @@ server {
     location / {
         resolver 127.0.0.11;
         set $upstream "http://vouch:9090";
-
-        proxy_pass $upstream;
         proxy_set_header Host $http_host;
+        proxy_pass $upstream;
     }
 }