From b66697d924e9229aec4a273ff0ab3e3a32d234b6 Mon Sep 17 00:00:00 2001
From: Matthew Pomes <matthew.pomes@pm.me>
Date: Wed, 24 Sep 2025 23:03:20 -0500
Subject: [PATCH] Add gpodder nginx site

---
 nginx/sites-enabled/gpodder | 70 +++++++++++++++++++++++++++++++++++++
 1 file changed, 70 insertions(+)
 create mode 100644 nginx/sites-enabled/gpodder

diff --git a/nginx/sites-enabled/gpodder b/nginx/sites-enabled/gpodder
new file mode 100644
index 0000000..64eb4b5
--- /dev/null
+++ b/nginx/sites-enabled/gpodder
@@ -0,0 +1,70 @@
+##
+# You should look at the following URL's in order to grasp a solid understanding
+# of Nginx configuration files in order to fully unleash the power of Nginx.
+# https://www.nginx.com/resources/wiki/start/
+# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
+# https://wiki.debian.org/Nginx/DirectoryStructure
+#
+# In most cases, administrators will remove this file from sites-enabled/ and
+# leave it as reference inside of sites-available where it will continue to be
+# updated by the nginx packaging team.
+#
+# This file will automatically load configuration files provided by other
+# applications, such as Drupal or Wordpress. These applications will be made
+# available underneath a path with that package name, such as /drupal8.
+#
+# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
+##
+
+server {
+    listen 80;
+    listen [::]:80;
+    server_name gpodder.loadingm.xyz;
+
+    location /.well-known/acme-challenge/ {
+        root /var/www/certbot;
+    }
+
+    # Uncomment to redirect HTTP to HTTPS
+    location / {
+        return 301 https://$host$request_uri;
+    }
+}
+
+# Default server configuration
+#
+server {
+
+	# SSL configuration
+	listen 443 ssl;
+	listen [::]:443 ssl;
+    http2 on;
+
+	server_name gpodder.loadingm.xyz;
+
+    ssl_certificate /etc/letsencrypt/live/loadingm.xyz/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/loadingm.xyz/privkey.pem;
+    # include /etc/letsencrypt/options-ssl-nginx.conf;
+    # ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
+    ssl_trusted_certificate /etc/letsencrypt/live/loadingm.xyz/chain.pem;
+
+	root /data/site;
+
+	location /hosted {
+		index index.html; 
+		autoindex on;
+	}
+
+	location / {
+		# First attempt to serve request as file, then
+		# as directory, then fall back to displaying a 404.
+		try_files $uri $uri/ =404;
+	}
+
+	# deny access to .htaccess files, if Apache's document root
+	# concurs with nginx's one
+	#
+	#location ~ /\.ht {
+	#	deny all;
+	#}
+}