Nginx SSL Multi-http servers-Reverse Proxy default file

1. Nginx default /etc/nginx/sites-available, /etc/nginx/sites-enabled
2. ##
3. # You should look at the following URL's in order to grasp a solid understanding
4. # of Nginx configuration files in order to fully unleash the power of Nginx.
5. # http://wiki.nginx.org/Pitfalls
6. # http://wiki.nginx.org/QuickStart
7. # http://wiki.nginx.org/Configuration
8. #
9. # Generally, you will want to move this file somewhere, and start with a clean
10. # file but keep this around for reference. Or just disable in sites-enabled.
11. #
12. # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
13. ##
14.  
15. # Default server configuration
16. #
17. # Multiple http servers on localhost using different ports
18. server {
19. server_name domain.name www.domain.name;
20. server {
21. listen 80;
22. return 301 https://$host$request_uri;
23. }
24. server {
25. listen 443;
26.  
27. ssl_certificate /etc/nginx/ssl/domain.name/cert.crt;
28. ssl_certificate_key /etc/nginx/ssl/domain.name/cert.key;
29.  
30. ssl on;
31. ssl_session_cache builtin:1000 shared:SSL:10m;
32. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
33. ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
34. ssl_prefer_server_ciphers on;
35.  
36. access_log /var/log/nginx/domain.access.log;
37.  
38. location / {
39.  
40. proxy_set_header Host $host;
41. proxy_set_header X-Real-IP $remote_addr;
42. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
43. proxy_set_header X-Forwarded-Proto $scheme;
44.  
45. # Fix the “It appears that your reverse proxy set up is broken" error.
46. proxy_pass http://localhost:8080;
47. proxy_read_timeout 90;
48. proxy_redirect http://localhost:8001 https://domain.name;
49. }
50. }
51. }
52. server {
53. server_name domain2.name www.domain2.name;
54. server {
55. listen 80;
56. return 301 https://$host$request_uri;
57. }
58. server {
59. listen 443;
60.  
61. ssl_certificate /etc/nginx/ssl/domain2.name/cert.crt;
62. ssl_certificate_key /etc/nginx/ssl/domain2.name/cert.key;
63.  
64. ssl on;
65. ssl_session_cache builtin:1000 shared:SSL:10m;
66. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
67. ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
68. ssl_prefer_server_ciphers on;
69.  
70. access_log /var/log/nginx/domain2.access.log;
71.  
72. location / {
73.  
74. proxy_set_header Host $host;
75. proxy_set_header X-Real-IP $remote_addr;
76. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
77. proxy_set_header X-Forwarded-Proto $scheme;
78.  
79. # Fix the “It appears that your reverse proxy set up is broken" error.
80. proxy_pass http://localhost:8080;
81. proxy_read_timeout 90;
82.  
83. proxy_redirect http://localhost:3000 https://domain2.name;
84. }
85. }
86. }
87. server {
88. server_name torsitedomainaexym5oxjo36xotqnzwihcl3oiydbazqvztmyoaqd.onion;
89.  
90. location / {
91. proxy_redirect http://localhost:8008 http://torsitedomainaexym5oxjo36xotqnzwihcl3oiydbazqvztmyoaqd.onion;
92. }
93. }
94. #
95. #server {
96. # listen 80 default_server;
97. # listen [::]:80 default_server;
98. #
99. # SSL configuration
100. #
101. # listen 443 ssl default_server;
102. # listen [::]:443 ssl default_server;
103. #
104. # Note: You should disable gzip for SSL traffic.
105. # See: https://bugs.debian.org/773332
106. #
107. # Read up on ssl_ciphers to ensure a secure configuration.
108. # See: https://bugs.debian.org/765782
109. #
110. # Self signed certs generated by the ssl-cert package
111. # Don't use them in a production server!
112. #
113. # include snippets/snakeoil.conf;
114. #
115. root /var/www/html;
116. #
117. # Add index.php to the list if you are using PHP
118. # index index.html index.htm index.nginx-debian.html;
119. #
120. # server_name domain.name www.domain.name;
121. #
122. # location / {
123. # First attempt to serve request as file, then
124. # as directory, then fall back to displaying a 404.
125. # try_files $uri $uri/ =404;
126. # }
127. #
128. # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
129. #
130. #location ~ \.php$ {
131. # include snippets/fastcgi-php.conf;
132. #
133. # # With php7.0-cgi alone:
134. # fastcgi_pass 127.0.0.1:9000;
135. # # With php7.0-fpm:
136. # fastcgi_pass unix:/run/php/php7.0-fpm.sock;
137. #}
138. #
139. # deny access to .htaccess files, if Apache's document root
140. # concurs with nginx's one
141. #
142. #location ~ /\.ht {
143. # deny all;
144. #}
145. #}
146. #
147. #
148. # Virtual Host configuration for example.com
149. #
150. # You can move that to a different file under sites-available/ and symlink that
151. # to sites-enabled/ to enable it.
152. #
153. #server {
154. # listen 80;
155. # listen [::]:80;
156. #
157. # server_name example.com;
158. #
159. # root /var/www/example.com;
160. # index index.html;
161. #
162. # location / {
163. # try_files $uri $uri/ =404;
164. # }
165. #}