fixes

package/docker/Dockerfile

@@ -4,7 +4,7 @@
 # Based on nginx-ssl-secure https://github.com/MarvAmBass/docker-nginx-ssl-secure/
 
 # docker build -t keeweb .
-# docker run --name keeweb -d -p 443:443 keeweb
+# docker run --name keeweb -d -p 443:443 -p 80:80 keeweb
 
 FROM nginx:stable
 MAINTAINER Antelle "antelle.net@gmail.com"
@@ -32,3 +32,4 @@ CMD ["nginx"]
 RUN git clone --depth 1 --single-branch --branch gh-pages https://github.com/antelle/keeweb.git
 
 EXPOSE 443
+EXPOSE 80

package/docker/keeweb.conf

@@ -6,27 +6,30 @@ server {
     ssl_certificate /etc/nginx/cert/cert.pem;
     ssl_certificate_key /etc/nginx/cert/key.pem;
 
-    # hide nginx version
     server_tokens off;
-
-    # add nosniff header (https://www.owasp.org/index.php/List_of_useful_HTTP_headers)
     add_header X-Content-Type-Options nosniff;
 
     add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
 
-    # Getting a high secure SSL configured system
-
-    # Tutorials used:
     # https://scotthelme.co.uk/a-plus-rating-qualys-ssl-test/
     # http://www.howtoforge.com/ssl-perfect-forward-secrecy-in-nginx-webserver
 
-    # enable dh
     ssl_dhparam /etc/nginx/cert/dh.pem;
-
-    # protocols
     ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # disable poodle
-
-    # ciphers
     ssl_prefer_server_ciphers on;
     ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
+
+    location / {
+        try_files $uri $uri/ =404;
+    }
+    location ~ /\. {
+        deny all;
+    }
+}
+
+server {
+    listen 80 default_server;
+    listen [::]:80 default_server;
+    server_name _;
+    return 301 https://$host$request_uri;
 }