Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # The `upstream` directives ensure that you have a http/1.1 connection This enables the keepalive option and better performance
- #
- # Define the server IP and ports here.
- upstream vaultwarden-default {
- zone vaultwarden-default 64k;
- server 127.0.0.1:8088;
- keepalive 2;
- }
- # Needed to support websocket connections See: https://nginx.org/en/docs/http/websocket.html Instead of "close" as stated in the above link we send an empty value. Else all keepalive connections will
- # not work.
- map $http_upgrade $connection_upgrade {
- default upgrade;
- '' "";
- }
- # Redirect HTTP to HTTPS
- server {
- listen 80;
- listen [::]:80;
- server_name pass.sam.host;
- if ($host = pass.sam.host) {
- return 301 https://$host$request_uri;
- }
- return 404;
- }
- server {
- # For older versions of nginx appened http2 to the listen line after ssl and remove `http2 on`
- listen 443 ssl;
- listen [::]:443 ssl;
- server_name pass.sam.host;
- # http2 on; server_name pass.sam.host;
- # Specify SSL Config when needed
- ssl_certificate /etc/nginx/ssl/cert.pem;
- ssl_certificate_key /etc/nginx/ssl/key.pem;
- client_max_body_size 525M;
- proxy_max_temp_file_size 0;
- location / {
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection $connection_upgrade;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme; proxy_pass
- http://172.26.8.203:8088/;
- }
- # Optionally add extra authentication besides the ADMIN_TOKEN Remove the comments below `#` and create the htpasswd_file to have it active
- #
- #location /admin {
- # # See: https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/
- # auth_basic "Private"; auth_basic_user_file /path/to/htpasswd_file;
- #
- # proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade;
- #
- # proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme;
- #
- # proxy_pass http://vaultwarden-default;
- #}
- }
Add Comment
Please, Sign In to add comment