fedorm

Untitled

May 8th, 2020
324
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.78 KB | None | 0 0
  1. events {}
  2. http {
  3. sendfile on;
  4. tcp_nopush on;
  5. tcp_nodelay on;
  6. keepalive_timeout 15;
  7. types_hash_max_size 2048;
  8. server_tokens off;
  9.  
  10. include /etc/nginx/mime.types;
  11. default_type text/javascript;
  12.  
  13. access_log off;
  14. error_log /var/log/nginx/error.log;
  15.  
  16. gzip on;
  17. gzip_min_length 100;
  18. gzip_http_version 1.1;
  19. gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
  20.  
  21. client_max_body_size 8M;
  22.  
  23. server {
  24. listen 80;
  25. server_tokens off;
  26.  
  27. location /.well-known/acme-challenge/ {
  28. root /var/www/certbot;
  29. }
  30.  
  31. location / {
  32. return 301 https://$host$request_uri;
  33. }
  34. }
  35.  
  36. server {
  37. listen 443 ssl;
  38. rewrite_log on;
  39.  
  40. ssl_certificate /etc/letsencrypt/live/ac-mpr.ru/fullchain.pem;
  41. ssl_certificate_key /etc/letsencrypt/live/ac-mpr.ru/privkey.pem;
  42. include /etc/letsencrypt/options-ssl-nginx.conf;
  43. ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
  44.  
  45. add_header Strict-Transport-Security 'max-age=604800';
  46.  
  47. location / {
  48. proxy_pass https://10.77.2.171:443;
  49. proxy_redirect off;
  50. #proxy_redirect default;
  51. client_max_body_size 5m;
  52. proxy_connect_timeout 600;
  53. proxy_send_timeout 600;
  54. proxy_read_timeout 600;
  55. proxy_pass_request_headers on;
  56. proxy_set_header Host $host;
  57. proxy_set_header X-URI $uri;
  58. proxy_set_header X-ARGS $args;
  59. proxy_set_header Refer $http_refer;
  60. proxy_set_header X-Real-IP $remote_addr;
  61. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  62. proxy_set_header X-Forwarded-Proto $scheme;
  63. }
  64. }
  65. }
Add Comment
Please, Sign In to add comment