# /etc/nginx/sites-available/hooks on admin.yttrx.com # Enable with: ln -s ../sites-available/hooks /etc/nginx/sites-enabled/hooks server { listen 80; listen [::]:80; server_name hooks.yttrx.com; # certbot --nginx will manage the redirect / cert; left here for the # initial standalone issuance flow described in the README. return 301 https://$host$request_uri; } server { listen 443 ssl; listen [::]:443 ssl; server_name hooks.yttrx.com; ssl_certificate /etc/letsencrypt/live/hooks.yttrx.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/hooks.yttrx.com/privkey.pem; # Only the webhook endpoint and health check are exposed. location = /webhook { proxy_pass http://127.0.0.1:8087; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } location = /healthz { proxy_pass http://127.0.0.1:8087; } location / { return 404; } }