# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
# configuration of curious.art / frode klevstul / oct 2025
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

# enforce ssl and bare domain (without www) for http requests
# ($server_name will return the first value given)
server {
    listen 80;
    server_name curious.art www.curious.art;
    return 301 https://$server_name$request_uri;
}

# www to bare domain for https requests
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    http2 on;

    ssl_certificate /etc/nginx/acme.sh/curious.art/fullchain.pem;
    ssl_certificate_key /etc/nginx/acme.sh/curious.art/key.pem;
    ssl_trusted_certificate /etc/nginx/acme.sh/curious.art/cert.pem;

    server_name www.curious.art;
    return 301 $scheme://curious.art$request_uri;
}

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    http2 on;

    ssl_certificate /etc/nginx/acme.sh/curious.art/fullchain.pem;
    ssl_certificate_key /etc/nginx/acme.sh/curious.art/key.pem;
    ssl_trusted_certificate /etc/nginx/acme.sh/curious.art/cert.pem;

    root /var/www/curious.art/jongleur;
    index index.html;
    server_name curious.art;

    # redirect 404 not found to the root
    location / {
	   error_page 404 = @myownredirect;
    }

    location @myownredirect {
        return 302 /;
    }
}