1. user http;
  2. worker_processes 2;
  3.  
  4. error_log /var/log/nginx/error.log;
  5. #pid /run/nginx.pid;
  6.  
  7. events {
  8. worker_connections 1024;
  9. }
  10.  
  11. http {
  12. include mime.types;
  13. default_type application/octet-stream;
  14.  
  15. log_format main '$remote_addr - $remote_user [$time_local] "$request" '
  16. '$status $body_bytes_sent "$http_referer" '
  17. '"$http_user_agent" "$http_x_forwarded_for"';
  18.  
  19. access_log /var/log/nginx/access.log main;
  20. sendfile on;
  21. keepalive_timeout 65;
  22.  
  23. gzip on;
  24. gzip_http_version 1.0;
  25. gzip_min_length 1024;
  26. gzip_proxied any;
  27. gzip_buffers 16 8k;
  28. gzip_types text/plain text/css application/x-javascript text/xml
  29. application/xml application/xml+rss text/javascript;
  30. gzip_vary on;
  31.  
  32. client_max_body_size 4G;
  33.  
  34. server_tokens off;
  35.  
  36. ssl_ciphers ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!aNULL:!MD5:!EDH;
  37. ssl_prefer_server_ciphers on;
  38. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  39. ssl_session_cache shared:SSL:10m;
  40.  
  41. proxy_connect_timeout 90;
  42. proxy_send_timeout 90;
  43. proxy_read_timeout 90;
  44. proxy_buffer_size 4k;
  45. proxy_buffers 4 32k;
  46. proxy_busy_buffers_size 64k;
  47. proxy_temp_file_write_size 64k;
  48.  
  49. server {
  50. listen 80;
  51. rewrite ^ https://$host$request_uri? permanent;
  52. }
  53.  
  54. server {
  55. listen 443 ssl;
  56.  
  57. satisfy any;
  58. allow 192.168.1.0/24;
  59. allow 127.0.0.1/32;
  60. deny all;
  61. auth_basic "Restricted Access";
  62. auth_basic_user_file /etc/nginx/htpasswd;
  63.  
  64. ssl_certificate /etc/ssl/server.crt;
  65. ssl_certificate_key /etc/ssl/server.key;
  66.  
  67. proxy_set_header X-Real-IP $remote_addr;
  68. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  69. proxy_set_header X-Forwarded-Host $host;
  70. proxy_set_header X-Forwarded-Server $host;
  71.  
  72. location / {
  73. proxy_pass http://127.0.0.1:7000/;
  74. proxy_redirect default;
  75. }
  76.  
  77. location /sab/ {
  78. proxy_pass http://127.0.0.1:8080/;
  79. proxy_redirect default;
  80. }
  81.  
  82. location /tv/ {
  83. proxy_pass http://127.0.0.1:8081/tv/;
  84. proxy_redirect default;
  85. }
  86.  
  87. location /movies/ {
  88. proxy_pass http://127.0.0.1:8082/movies/;
  89. proxy_redirect default;
  90. }
  91.  
  92. location /music/ {
  93. proxy_pass http://127.0.0.1:8083/music/;
  94. proxy_redirect default;
  95. }
  96.  
  97. location /transmission/ {
  98. proxy_pass_header X-Transmission-Session-Id;
  99. proxy_pass http://127.0.0.1:9091/transmission/;
  100. proxy_redirect off;
  101. }
  102.  
  103. error_page 404 /404.html;
  104. location = /404.html {
  105. root /usr/share/nginx/html;
  106. }
  107.  
  108. error_page 500 502 503 504 /50x.html;
  109. location = /50x.html {
  110. root /usr/share/nginx/html;
  111. }
  112. }
  113. include /etc/nginx/conf.d/*.conf;
  114. }