Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # redirect http to https
- server {
- listen 80;
- listen [::]:80;
- server_name sub.domain.com;
- return 301 https://sub.domain.com$request_uri;
- }
- # actually handle the requests
- server {
- listen 443 ssl http2;
- listen [::]:443 ssl http2;
- server_name sub.domain.com;
- #HTTP_TO_HTTPS_END
- ssl_certificate /path/to/cert.pem;
- ssl_certificate_key /path/to/key.pem;
- #SSL-END
- #HSTS
- add_header Strict-Transport-Security "max-age=31536000; preload";
- #BITWARDEN SPECIFIC
- client_max_body_size 128M;
- #Had to add this for diagnostics to work, otherwise I got 504 timeout
- proxy_read_timeout 300;
- proxy_connect_timeout 300;
- proxy_send_timeout 300;
- #this is from the wiki
- location / {
- proxy_pass http://127.0.0.1:9002;
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- }
- location /notifications/hub {
- proxy_pass http://127.0.0.1:9003;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
- }
- location /notifications/hub/negotiate {
- proxy_pass http://127.0.0.1:9002;
- }
- # used by the panel to request and verify letsencrypt certs
- location ~ \.well-known{
- allow all;
- }
- #nginx log
- access_log /www/wwwlogs/bitwarden.lavrenov.io.log;
- error_log /www/wwwlogs/bitwarden.lavrenov.io.error.log;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement