SHARE
TWEET

nginx config

a guest Oct 23rd, 2019 88 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. ##
  2. # Backend directives
  3. #
  4. upstream erp.accomodata.be_8069 {
  5.  
  6.     server 172.19.0.19:8069;
  7.  
  8. }
  9. upstream erp.accomodata.be_8072 {
  10.  
  11.     server 172.19.0.19:8072;
  12.  
  13. }
  14.  
  15.  
  16.  
  17. # port 80 server directive
  18. server {
  19.     listen 80;
  20.     server_name erp.accomodata.be;
  21.  
  22.     # letsencrypt certbot webroot
  23.     # https://community.letsencrypt.org/t/how-to-nginx-configuration-to-enable-acme-challenge-support-on-all-http-virtual-hosts/5622
  24.     location ^~ /.well-known {
  25.         default_type "text/plain";
  26.         root /srv/webroot/ ;
  27.     }
  28.     location = /.well-known/acme-challenge/ {
  29.         return 404;
  30.     }
  31.  
  32.    
  33.     # Set HSTS to 365 days
  34.     add_header Strict-Transport-Security 'max-age=31536000';
  35.  
  36.     # redirect non http requests to https
  37.     location / {  # the default location redirects to https
  38.         return 301 https://$server_name$request_uri;
  39.     }
  40.    
  41. }
  42.  
  43. server {
  44.  
  45.     listen 443 ssl http2;
  46.     server_name erp.accomodata.be;
  47.  
  48.     gzip on;
  49.  
  50.     # ssl certificate files
  51.     ssl_certificate          /etc/letsencrypt/live/accomodata.be/fullchain.pem;
  52.     ssl_certificate_key      /etc/letsencrypt/live/accomodata.be/privkey.pem;
  53.     ssl_trusted_certificate  /etc/letsencrypt/live/accomodata.be/fullchain.pem;
  54.  
  55.     # Specifies the maximum accepted body size of a client request,
  56.     # as indicated by the request header Content-Length.
  57.     # set to 0 to disable
  58.     client_max_body_size 0;
  59.  
  60.     # Set HSTS to 365 days
  61.     add_header Strict-Transport-Security 'max-age=31536000';
  62.  
  63.    
  64.     location / {
  65.         proxy_pass http://erp.accomodata.be_8069;
  66.     }
  67.     location ~ ^/longpolling/ {
  68.         proxy_pass http://erp.accomodata.be_8072;
  69.     }
  70.  
  71.     # letsencrypt certbot webroot
  72.     # https://community.letsencrypt.org/t/how-to-nginx-configuration-to-enable-acme-challenge-support-on-all-http-virtual-hosts/5622
  73.     location ^~ /.well-known {
  74.         default_type "text/plain";
  75.         root /srv/webroot/ ;
  76.     }
  77.     location = /.well-known/acme-challenge/ {
  78.         return 404;
  79.     }
  80.  
  81.     # cache some static data in memory for 60mins
  82.     location ~* ^/([0-9a-zA-Z]+)/static/ {
  83.         proxy_cache_valid 200 60m;
  84.         proxy_buffering on;
  85.         # Set expires header for 12 hour
  86.         expires 43200;
  87.         proxy_pass http://erp.accomodata.be_8069;
  88.     }
  89.  
  90. }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top