feat(nginx): serve launcher downloads from apex vhost
Port the /launcher/* static route from caddy's 10-static.caddy to the nginx apex server (alias -> ./mirror/launcher, autoindex). /ca.crt is omitted — LE certs are publicly trusted, no guest CA import needed. The 20-mirror.caddy upstream spoofs stay caddy/air-gap-only. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -24,7 +24,9 @@ server {
|
|||||||
return 301 https://$host$request_uri;
|
return 301 https://$host$request_uri;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Apex — static landing page.
|
# Apex — static landing page (./www) + launcher downloads (./mirror/launcher).
|
||||||
|
# /ca.crt from the caddy path is intentionally omitted: LE certs are publicly
|
||||||
|
# trusted, so guests need no CA import.
|
||||||
server {
|
server {
|
||||||
listen 443 ssl;
|
listen 443 ssl;
|
||||||
listen [::]:443 ssl;
|
listen [::]:443 ssl;
|
||||||
@@ -34,9 +36,17 @@ server {
|
|||||||
ssl_certificate ${APP_DIR}/certs/${BASE_DOMAIN}/cert.pem;
|
ssl_certificate ${APP_DIR}/certs/${BASE_DOMAIN}/cert.pem;
|
||||||
ssl_certificate_key ${APP_DIR}/certs/${BASE_DOMAIN}/key.pem;
|
ssl_certificate_key ${APP_DIR}/certs/${BASE_DOMAIN}/key.pem;
|
||||||
|
|
||||||
root ${APP_DIR}/www;
|
# Launcher downloads (populated by tooling/fetch-launcher.sh -> ./mirror/launcher).
|
||||||
index index.html;
|
location /launcher/ {
|
||||||
location / { try_files $uri $uri/ =404; }
|
alias ${APP_DIR}/mirror/launcher/;
|
||||||
|
autoindex on;
|
||||||
|
}
|
||||||
|
|
||||||
|
location / {
|
||||||
|
root ${APP_DIR}/www;
|
||||||
|
index index.html;
|
||||||
|
try_files $uri $uri/ =404;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
# Pack — packwiz metadata (./pack) + custom jars (./custom at /custom/).
|
# Pack — packwiz metadata (./pack) + custom jars (./custom at /custom/).
|
||||||
|
|||||||
Reference in New Issue
Block a user