nginx config need help please

`server { listen 443 ssl http2; server_name paste.domain.eu; root /home/alpha/paste; error_log /var/log/nginx/paste-error.log; access_log /var/log/nginx/paste-access.log;

# SSL Configuration
ssl_certificate /etc/letsencrypt/live/paste.domain.eu/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/paste.domain.eu/privkey.pem;
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers "TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_8_SHA256:TLS_AES_128_CCM_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:EC>
ssl_prefer_server_ciphers on;

# See https://hstspreload.org/ before uncommenting the line below.
add_header Strict-Transport-Security "max-age=15768000; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header Content-Security-Policy "frame-ancestors 'self'";
add_header X-Frame-Options DENY;
add_header Referrer-Policy same-origin;
#add_header Access-Control-Allow-Origin same-origin;

location ^~ /paste/ {
        proxy_buffering  off;
        rewrite                /paste/(.*) /$1 break;
        proxy_pass         http://127.0.0.1:7777/;
        proxy_redirect    default;
}
location ~ /\.ht    {return 404;}
location ~ /\.svn/  {return 404;}
location ~ /\.git/  {return 404;}
location ~ /\.hg/   {return 404;}
location ~ /\.bzr/  {return 404;}

} ` error 403: 2022/05/17 19:34:02 [error] 5657#5657: *13 directory index of "/home/alpha/paste/" is forbidden, client: myip, server: paste.domain.eu, request: "GET / HTTP/2.0", host: "paste.domain"

I've try: chown -R www-data:www-data /home/alpha/paste but cannot start with npm start (permission denied) chown -R alpha:www-data /home/alpha/paste but cannot start with npm start (permission denied) chown -R www-data:alpha /home/alpha/paste but cannot start with npm start (permission denied)

using nginx:

nginx version: nginx/1.21.6
built by gcc 10.2.1 20210110 (Debian 10.2.1-6)
built with OpenSSL 1.1.1k  25 Mar 2021 (running with OpenSSL 1.1.1n  15 Mar 2022)
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-g -O2 -ffile-prefix-map=/data/builder/debuild/nginx-1.21.6/debian/debuild-base/nginx-1.21.6=. -fstack-protector-strong -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -Wl,--as-needed -pie'

Thanks for any help

toptal / haste-server

nginx config need help please #418