Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # ------------------------------------------------------------
- # whoami.DOMAIN
- # ------------------------------------------------------------
- map $scheme $hsts_header {
- https "max-age=63072000; includeSubDomains; preload";
- }
- server {
- set $forward_scheme http;
- set $server "127.0.0.1";
- set $port 2001;
- listen 80;
- listen 443 ssl;
- # listen [::]:80;
- # listen [::]:443;
- http2 on;
- server_name whoami.DOMAIN;
- # Let's Encrypt SSL
- include conf.d/include/letsencrypt-acme-challenge.conf;
- include conf.d/include/ssl-cache.conf;
- include conf.d/include/ssl-ciphers.conf;
- ssl_certificate /etc/letsencrypt/live/npm-1/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/npm-1/privkey.pem;
- # Block Exploits
- include conf.d/include/block-exploits.conf;
- # HSTS (ngx_http_headers_module is required) (63072000 seconds = 2 years)
- add_header Strict-Transport-Security $hsts_header always;
- # Force SSL
- include conf.d/include/force-ssl.conf;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection $http_connection;
- proxy_http_version 1.1;
- access_log /data/logs/proxy-host-1_access.log proxy;
- error_log /data/logs/proxy-host-1_error.log warn;
- location / {
- # HSTS (ngx_http_headers_module is required) (63072000 seconds = 2 years)
- add_header Strict-Transport-Security $hsts_header always;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection $http_connection;
- proxy_http_version 1.1;
- # Proxy!
- include conf.d/include/proxy.conf;
- }
- # Custom
- include /data/nginx/custom/server_proxy[.]conf;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
