Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- server {
- listen 443 ssl http2;
- listen [::]:443 ssl http2;
- server_name dev.domain.co.uk;
- set $base /var/www/dev.domain.co.uk;
- root $base;
- # SSL
- ssl_certificate /etc/letsencrypt/live/dev.domain.co.uk/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/dev.domain.co.uk/privkey.pem;
- ssl_trusted_certificate /etc/letsencrypt/live/dev.domain.co.uk/fullchain.pem;
- # index.php
- index index.php;
- # reverse proxy
- location / {
- proxy_pass http://127.0.0.1:80;
- include nginxconfig.io/proxy.conf;
- }
- # handle .php
- location ~ .php$ {
- include nginxconfig.io/php_fastcgi.conf;
- }
- include nginxconfig.io/general.conf;
- include nginxconfig.io/wordpress.conf;
- }
- # subdomains redirect
- server {
- listen 443 ssl http2;
- listen [::]:443 ssl http2;
- server_name *.dev.domain.co.uk;
- # SSL
- ssl_certificate /etc/letsencrypt/live/dev.domain.co.uk/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/dev.domain.co.uk/privkey.pem;
- ssl_trusted_certificate /etc/letsencrypt/live/dev.domain.co.uk/fullchain.pem;
- return 301 https://dev.domain.co.uk$request_uri;
- }
- # HTTP redirect
- server {
- listen 8080;
- listen [::]:8080;
- server_name .dev.domain.co.uk;
- include nginxconfig.io/letsencrypt.conf;
- location / {
- return 301 https://dev.domain.co.uk$request_uri;
- }
- }
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_set_header X-Forwarded-Host $host;
- proxy_set_header X-Forwarded-Port $server_port;
- proxy_cache_bypass $http_upgrade;
- #
- # It does not do anything by default, delegating control to the
- # builtin VCL. The builtin VCL is called when there is no explicit
- # return statement.
- #
- # See the VCL chapters in the Users Guide at https://www.varnish-cache.org/docs/
- # and https://www.varnish-cache.org/trac/wiki/VCLExamples for more examples.
- # Marker to tell the VCL compiler that this VCL has been adapted to the
- # new 4.0 format.
- vcl 4.0;
- # Default backend definition. Set this to point to your content server.
- backend default {
- .host = "127.0.0.1";
- .port = "8080";
- }
- sub vcl_recv {
- # Happens before we check if we have this in cache already.
- #
- # Typically you clean up the request here, removing cookies you don't need,
- # rewriting the request, etc.
- }
- sub vcl_backend_response {
- # Happens after we have read the response headers from the backend.
- #
- # Here you clean the response headers, removing silly Set-Cookie headers
- # and other mistakes your backend does.
- set beresp.ttl = 10s;
- set beresp.grace = 1h;
- }
- sub vcl_deliver {
- # Happens when we have all the pieces we need, and are about to send the
- # response to the client.
- #
- # You can do accounting or modifying the final object here.
- }
- [Unit]
- Description=Varnish HTTP accelerator
- Documentation=https://www.varnish-cache.org/docs/4.1/ man:varnishd
- [Service]
- Type=simple
- LimitNOFILE=131072
- LimitMEMLOCK=82000
- ExecStart=/usr/sbin/varnishd -j unix,user=vcache -F -a :80 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s malloc,256m
- ExecReload=/usr/share/varnish/reload-vcl
- ProtectSystem=full
- ProtectHome=true
- PrivateTmp=true
- PrivateDevices=true
- [Install]
- WantedBy=multi-user.target
- # Configuration file for varnish
- #
- # /etc/init.d/varnish expects the variables $DAEMON_OPTS, $NFILES and $MEMLOCK
- # to be set from this shell script fragment.
- #
- # Note: If systemd is installed, this file is obsolete and ignored. Please see
- # /usr/share/doc/varnish/examples/varnish.systemd-drop-in.conf
- # Should we start varnishd at boot? Set to "no" to disable.
- START=yes
- # Maximum number of open files (for ulimit -n)
- NFILES=131072
- # Maximum locked memory size (for ulimit -l)
- # Used for locking the shared memory log in memory. If you increase log size,
- # you need to increase this number as well
- MEMLOCK=82000
- # Default varnish instance name is the local nodename. Can be overridden with
- # the -n switch, to have more instances on a single server.
- # You may need to uncomment this variable for alternatives 1 and 3 below.
- # INSTANCE=$(uname -n)
- # This file contains 4 alternatives, please use only one.
- ## Alternative 1, Minimal configuration, no VCL
- #
- # Listen on port 6081, administration on localhost:6082, and forward to
- # content server on localhost:8080. Use a 1GB fixed-size cache file.
- #
- # This example uses the INSTANCE variable above, which you need to uncomment.
- #
- # DAEMON_OPTS="-a :6081
- # -T localhost:6082
- # -b localhost:8080
- # -u varnish -g varnish
- # -S /etc/varnish/secret
- # -s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G"
- ## Alternative 2, Configuration with VCL
- #
- # Listen on port 6081, administration on localhost:6082, and forward to
- # one content server selected by the vcl file, based on the request.
- #
- DAEMON_OPTS="-a :80
- -T localhost:6082
- -f /etc/varnish/default.vcl
- -S /etc/varnish/secret
- -s malloc,256m"
- ## Alternative 3, Advanced configuration
- #
- # This example uses the INSTANCE variable above, which you need to uncomment.
- #
- # See varnishd(1) for more information.
- #
- # # Main configuration file. You probably want to change it :)
- # VARNISH_VCL_CONF=/etc/varnish/default.vcl
- #
- # # Default address and port to bind to
- # # Blank address means all IPv4 and IPv6 interfaces, otherwise specify
- # # a host name, an IPv4 dotted quad, or an IPv6 address in brackets.
- # VARNISH_LISTEN_ADDRESS=
- # VARNISH_LISTEN_PORT=6081
- #
- # # Telnet admin interface listen address and port
- # VARNISH_ADMIN_LISTEN_ADDRESS=127.0.0.1
- # VARNISH_ADMIN_LISTEN_PORT=6082
- #
- # # Cache file location
- # VARNISH_STORAGE_FILE=/var/lib/varnish/$INSTANCE/varnish_storage.bin
- #
- # # Cache file size: in bytes, optionally using k / M / G / T suffix,
- # # or in percentage of available disk space using the % suffix.
- # VARNISH_STORAGE_SIZE=1G
- #
- # # File containing administration secret
- # VARNISH_SECRET_FILE=/etc/varnish/secret
- #
- # # Backend storage specification
- # VARNISH_STORAGE="file,${VARNISH_STORAGE_FILE},${VARNISH_STORAGE_SIZE}"
- #
- # # Default TTL used when the backend does not specify one
- # VARNISH_TTL=120
- #
- # # DAEMON_OPTS is used by the init script. If you add or remove options, make
- # # sure you update this section, too.
- # DAEMON_OPTS="-a ${VARNISH_LISTEN_ADDRESS}:${VARNISH_LISTEN_PORT}
- # -f ${VARNISH_VCL_CONF}
- # -T ${VARNISH_ADMIN_LISTEN_ADDRESS}:${VARNISH_ADMIN_LISTEN_PORT}
- # -t ${VARNISH_TTL}
- # -S ${VARNISH_SECRET_FILE}
- # -s ${VARNISH_STORAGE}"
- #
- ## Alternative 4, Do It Yourself
- #
- # DAEMON_OPTS=""
Add Comment
Please, Sign In to add comment