Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- user www-data;
- worker_processes 2;
- events {
- worker_connections 512;
- # multi_accept on;
- }
- http {
- ssl_session_timeout 1d;
- ssl_session_cache shared:SSL:50m;
- ssl_prefer_server_ciphers on;
- ssl_stapling on;
- ssl_stapling_verify on;
- # ssl_dhparam /path/to/dh.pem;
- resolver 8.8.8.8;
- keepalive_timeout 60;
- sendfile on;
- tcp_nopush on;
- tcp_nodelay on;
- gzip_static on;
- gzip_disable "msie6";
- gzip_vary on;
- ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
- ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
- server {
- listen 80;
- listen [::]:80;
- server_name radio.monopoly-one.com;
- location /.well-known/acme-challenge {
- return 200 "OK";
- }
- location / {
- return 301 https://radio.monopoly-one.com$request_uri;
- }
- }
- server {
- listen 443 ssl http2;
- listen [::]:443 ssl http2;
- server_name radio.monopoly-one.com;
- root /path/to/static;
- ssl_certificate /etc/letsencrypt/live/radio.monopoly-one.com/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/radio.monopoly-one.com/privkey.pem;
- add_header Strict-Transport-Security "max-age=15768000" always;
- add_header Access-Control-Allow-Origin "https://radio.monopoly-one.com" always;
- expires 7d;
- location / {
- try_files $uri $uri.html $uri/index.html /http_404.html;
- }
- location = /oauth/m1/start {
- return 302 "https://monopoly-one.com/oauth?app_id=4&redirect_uri=https://radio.monopoly-one.com/oauth/m1/callback&response_type=code";
- }
- location = /oauth/m1/callback {
- proxy_pass http://[::1]:8001;
- proxy_http_version 1.1;
- proxy_no_cache 1;
- proxy_set_header Host $host;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
- proxy_read_timeout 120s;
- expires epoch;
- }
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement