Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- upstream wasabi {
- server s3.wasabisys.com:443 max_conns=128;
- }
- server {
- listen 80;
- listen [::]:80;
- server_name <your.domain.example.com>;
- access_log /var/log/nginx/access-<your.domain.example.com>.log main;
- error_log /var/log/nginx/error-<your.domain.example.com>.log;
- root /srv/www/letsencrypt;
- location /.well-known/ {
- #alias /srv/www/letsencrypt/.well-known;
- default_type "text/plain";
- allow all;
- }
- location / {
- return 301 https://$host$request_uri;
- }
- }
- server {
- listen 443 ssl http2;
- listen [::]:443 ssl http2;
- server_name <your.domain.example.com>;
- access_log /var/log/nginx/access-<your.domain.example.com>.log main;
- error_log /var/log/nginx/error-<your.domain.example.com>.log;
- ssl_certificate /etc/letsencrypt/live/<your.domain.example.com>/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/<your.domain.example.com>/privkey.pem;
- keepalive_timeout 70;
- sendfile on;
- client_max_body_size 64m;
- add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; Preload";
- add_header Content-Security-Policy "style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; object-src 'self'; script-src 'self'; base-uri 'none'; img-src data: https:; media-src data: https:";
- location / {
- return 404;
- }
- location /<your-bucket-name> {
- try_files $uri @proxy;
- }
- location ~ ^/(packs|<your-bucket-name>/media_attachments/files|<your-bucket-name>/accounts/avatars) {
- add_header Cache-Control "public, max-age=31536000, immutable";
- try_files $uri @proxy;
- }
- location @proxy {
- proxy_set_header Host "s3.wasabisys.com";
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto https;
- #resolver 1.1.1.1;
- proxy_pass https://wasabi;
- proxy_redirect off;
- proxy_http_version 1.1;
- }
- error_page 500 501 502 503 504 /500.html;
- }
Add Comment
Please, Sign In to add comment