server { listen 443 ssl; listen 80; server_name static.notmyidea.org;
ssl_certificate /etc/letsencrypt/live/blog.notmyidea.org/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/blog.notmyidea.org/privkey.pem;
include /home/poils/letsencrypt/letsencrypt-nginx/letsencrypt_nginx/options-ssl-nginx.conf;
location / { add_header Content-Disposition attachment; root home/www/static.notmyidea.org; index index.html; }
location archives { root home/www/static.notmyidea.org; index index.html; autoindex on; }
location videos { root home/www/static.notmyidea.org; index index.html; autoindex on; }
location films { root home/www/static.notmyidea.org; index index.html; autoindex on; auth_basic “Restricted Content”; auth_basic_user_file etc/nginx.htpasswd; }
if ($scheme != “https”) { return 301 https://$host$request_uri; } # managed by Certbot
}