API tools faq
paste
Advertisement
Guest User

nginx

a guest
Jul 20th, 2017
80
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Nginx 2.41 KB | None | 0 0
raw download clone embed print report
  1. user www-data;
  2. worker_processes 2;
  3.  
  4. events {
  5.     worker_connections 512;
  6.     # multi_accept on;
  7. }
  8.  
  9. http {
  10.     ssl_session_timeout 1d;
  11.     ssl_session_cache shared:SSL:50m;
  12.     ssl_prefer_server_ciphers on;
  13.  
  14.     ssl_stapling on;
  15.     ssl_stapling_verify on;
  16.  
  17.     # ssl_dhparam /path/to/dh.pem;
  18.  
  19.     resolver 8.8.8.8;
  20.  
  21.     keepalive_timeout 60;
  22.  
  23.     sendfile on;
  24.     tcp_nopush on;
  25.     tcp_nodelay on;
  26.  
  27.     gzip_static on;
  28.     gzip_disable "msie6";
  29.     gzip_vary on;
  30.  
  31.     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  32.     ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
  33.  
  34.     server {
  35.         listen 80;
  36.         listen [::]:80;
  37.         server_name radio.monopoly-one.com;
  38.  
  39.         location /.well-known/acme-challenge {
  40.             return 200 "OK";
  41.         }
  42.         location / {
  43.             return 301 https://radio.monopoly-one.com$request_uri;
  44.         }
  45.     }
  46.  
  47.     server {
  48.         listen 443 ssl http2;
  49.         listen [::]:443 ssl http2;
  50.         server_name radio.monopoly-one.com;
  51.         root /path/to/static;
  52.  
  53.         ssl_certificate /etc/letsencrypt/live/radio.monopoly-one.com/fullchain.pem;
  54.         ssl_certificate_key /etc/letsencrypt/live/radio.monopoly-one.com/privkey.pem;
  55.  
  56.         add_header Strict-Transport-Security "max-age=15768000" always;
  57.         add_header Access-Control-Allow-Origin "https://radio.monopoly-one.com" always;
  58.  
  59.         expires 7d;
  60.  
  61.         location / {
  62.             try_files $uri $uri.html $uri/index.html /http_404.html;
  63.         }
  64.         location = /oauth/m1/start {
  65.             return 302 "https://monopoly-one.com/oauth?app_id=4&redirect_uri=https://radio.monopoly-one.com/oauth/m1/callback&response_type=code";
  66.         }
  67.         location = /oauth/m1/callback {
  68.             proxy_pass http://[::1]:8001;
  69.             proxy_http_version 1.1;
  70.             proxy_no_cache 1;
  71.             proxy_set_header   Host            $host;
  72.             proxy_set_header   Upgrade         $http_upgrade;
  73.             proxy_set_header   Connection      "upgrade";
  74.             proxy_read_timeout 120s;
  75.  
  76.             expires epoch;
  77.         }
  78.     }
  79. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!