SHARE
TWEET

nginx.conf SSL Proxy Transmission

mturgeonferland Mar 24th, 2013 4,392 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. # Standard server configuration nothing to do in this part
  2. user  nginx;
  3. worker_processes  1;
  4.  
  5. error_log  /var/log/nginx/error.log warn;
  6. pid        /var/run/nginx.pid;
  7.  
  8.  
  9. events {
  10.     worker_connections  1024;
  11. }
  12.  
  13.  
  14. http {
  15.     include       /etc/nginx/mime.types;
  16.     default_type  application/octet-stream;
  17.  
  18.     log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
  19.                       '$status $body_bytes_sent "$http_referer" '
  20.                       '"$http_user_agent" "$http_x_forwarded_for"';
  21.  
  22.     access_log  /var/log/nginx/access.log  main;
  23.  
  24.     sendfile        on;
  25.     #tcp_nopush     on;
  26.  
  27.     keepalive_timeout  65;
  28.  
  29.     #gzip  on;
  30.  
  31. # this if to rewrite all addresses going to my server in http into https
  32. server {
  33.        listen         80;
  34.        server_name    p2p.example.net;
  35.        rewrite        ^ https://$server_name$request_uri? permanent;
  36. }
  37.  
  38. server {
  39.     listen       443; # here you can also specifie the ip or ips to listen to, if a lot of NICs ex. 192.168.1.1:443
  40.     server_name  p2p.example.net; # hostname
  41.  
  42.     access_log off; # Enable of disable Logs
  43.  
  44.     auth_basic "Please login"; # Message that will be shown when login
  45.     # you must disable auth on the transmission daemon server, otherwise, you'll
  46.     # have to login twice. basically nginx proxy takes care of auth from now and on
  47.     # you can create this file by htpasswd command line tool, that comes with apache
  48.     auth_basic_user_file /.ProxyUsers; # remove the . to be visible
  49.  
  50.     # setup self signed SSL, there was a tutorial i followed online
  51.     # it's generic for all servers, just make sure file paths are right and
  52.     # that nginx can read the files (proper permission)
  53.     ssl                  on;
  54.     ssl_certificate      /root/server.crt;
  55.     ssl_certificate_key  /root/server.key;
  56.  
  57.     ssl_session_timeout  5m;
  58.  
  59.     ssl_protocols               SSLv2 SSLv3 TLSv1;
  60.     ssl_ciphers                 ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
  61.     ssl_prefer_server_ciphers   on;
  62.  
  63.         # Thats the important part. Most of the tutorial on the net are not Transmission specific
  64.         # and don't pass the Transmission-Session Header
  65.     location / {
  66.         proxy_read_timeout 300;
  67.         proxy_pass_header  X-Transmission-Session-Id;
  68.         proxy_set_header   X-Forwarded-Host $host;
  69.         proxy_set_header   X-Forwarded-Server $host;
  70.         proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
  71.        
  72.         # if you changed the port number for transmission daemon, then adjust the
  73.         # folllowing line
  74.         proxy_pass         http://127.0.0.1:9091/transmission/web/;
  75.     }
  76.        
  77.         # Also Transmission specific
  78.     location /rpc {
  79.         proxy_pass         http://127.0.0.1:9091/transmission/rpc;
  80.     }
  81.        
  82.     location /upload {
  83.         proxy_pass         http://127.0.0.1:9091/transmission/upload;
  84.     }
  85.  
  86. }
  87.  
  88. }
RAW Paste Data
Top