API tools faq
paste
Advertisement
Guest User

nginx config

a guest
Oct 23rd, 2019
110
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.30 KB | None | 0 0
raw download clone embed print report
  1. ##
  2. # Backend directives
  3. #
  4. upstream erp.accomodata.be_8069 {
  5.  
  6. server 172.19.0.19:8069;
  7.  
  8. }
  9. upstream erp.accomodata.be_8072 {
  10.  
  11. server 172.19.0.19:8072;
  12.  
  13. }
  14.  
  15.  
  16.  
  17. # port 80 server directive
  18. server {
  19. listen 80;
  20. server_name erp.accomodata.be;
  21.  
  22. # letsencrypt certbot webroot
  23. # https://community.letsencrypt.org/t/how-to-nginx-configuration-to-enable-acme-challenge-support-on-all-http-virtual-hosts/5622
  24. location ^~ /.well-known {
  25. default_type "text/plain";
  26. root /srv/webroot/ ;
  27. }
  28. location = /.well-known/acme-challenge/ {
  29. return 404;
  30. }
  31.  
  32.  
  33. # Set HSTS to 365 days
  34. add_header Strict-Transport-Security 'max-age=31536000';
  35.  
  36. # redirect non http requests to https
  37. location / { # the default location redirects to https
  38. return 301 https://$server_name$request_uri;
  39. }
  40.  
  41. }
  42.  
  43. server {
  44.  
  45. listen 443 ssl http2;
  46. server_name erp.accomodata.be;
  47.  
  48. gzip on;
  49.  
  50. # ssl certificate files
  51. ssl_certificate /etc/letsencrypt/live/accomodata.be/fullchain.pem;
  52. ssl_certificate_key /etc/letsencrypt/live/accomodata.be/privkey.pem;
  53. ssl_trusted_certificate /etc/letsencrypt/live/accomodata.be/fullchain.pem;
  54.  
  55. # Specifies the maximum accepted body size of a client request,
  56. # as indicated by the request header Content-Length.
  57. # set to 0 to disable
  58. client_max_body_size 0;
  59.  
  60. # Set HSTS to 365 days
  61. add_header Strict-Transport-Security 'max-age=31536000';
  62.  
  63.  
  64. location / {
  65. proxy_pass http://erp.accomodata.be_8069;
  66. }
  67. location ~ ^/longpolling/ {
  68. proxy_pass http://erp.accomodata.be_8072;
  69. }
  70.  
  71. # letsencrypt certbot webroot
  72. # https://community.letsencrypt.org/t/how-to-nginx-configuration-to-enable-acme-challenge-support-on-all-http-virtual-hosts/5622
  73. location ^~ /.well-known {
  74. default_type "text/plain";
  75. root /srv/webroot/ ;
  76. }
  77. location = /.well-known/acme-challenge/ {
  78. return 404;
  79. }
  80.  
  81. # cache some static data in memory for 60mins
  82. location ~* ^/([0-9a-zA-Z]+)/static/ {
  83. proxy_cache_valid 200 60m;
  84. proxy_buffering on;
  85. # Set expires header for 12 hour
  86. expires 43200;
  87. proxy_pass http://erp.accomodata.be_8069;
  88. }
  89.  
  90. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!