API tools faq
paste
Advertisement
NoX_Holt

example nginx dynmap configuration

NoX_Holt
Mar 15th, 2024
73
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Nginx 2.93 KB | Gaming | 0 0
raw download clone embed print report
  1. # File /etc/nginx/conf.d/dynmap.conf
  2.  
  3. # HTTP configuration
  4. server {
  5.     # IP-Adressen
  6.     listen 0.0.0.0:80;
  7.     listen [::]:80;
  8.     # server_name <your-subdomain>.<domain name>.<tld>
  9.     # For example:
  10.     server_name dynmap.example.com;
  11.     # redirect all HTTP requests to HTTPS
  12.     # return 301 https://<your-subdomain>.<domain name>.<tld>$request_uri;
  13.     # For example:
  14.     return 301 https://dynmap.example.com$request_uri;
  15. }
  16.  
  17. # HTTPS configuration
  18. server {
  19.     # IP-Adressen
  20.     listen 0.0.0.0:443 ssl;
  21.     listen [::]:443 ssl;
  22.     http2 on;
  23.  
  24.     # server_name <your-subdomain>.<domain name>.<tld>;
  25.     # For example:
  26.     server_name dynmap.example.com;
  27.     index index.php;
  28.    
  29.     # Logs (adjust the paths for your case)
  30.     access_log /var/log/nginx/dynmap.access.log;
  31.     error_log /var/log/nginx/dynmap.error.log;
  32.    
  33.     # Paths to certificates (adjust accordingly, I created the folder /etc/nginx/ssl for this, you could also point to the letsencrypt files directly (/etc/letsencrypt) - Make sure nginx can read them!
  34.     ssl_certificate /etc/nginx/ssl/example.com/fullchain.pem;
  35.     ssl_certificate_key /etc/nginx/ssl/example.com/privkey.pem;
  36.    
  37.     # Supported protocols and ciphers
  38.     ssl_protocols TLSv1.2 TLSv1.3;
  39.     ssl_prefer_server_ciphers on;
  40.     ssl_ciphers TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;
  41.     ssl_ecdh_curve secp384r1;
  42.     # Adjust path to your dhparams file (generate with: openssl dhparam -out /etc/nginx/ssl/dhparam.pem 4096 - sizes could be 1024 / 2048 / 4096 - Higher = takes a while!)
  43.     ssl_dhparam /etc/nginx/ssl/dhparams.pem;
  44.  
  45.     # OCSP (Optional) - Please specify correct path for ssl_trusted_certificate
  46.     ssl_stapling on;
  47.     ssl_trusted_certificate /etc/nginx/ssl/example.com/fullchain.pem;
  48.     ssl_stapling_verify on;
  49.     resolver 1.1.1.1;
  50.    
  51.     # Headers
  52.     add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
  53.     add_header X-Frame-Options "SAMEORIGIN";
  54.     add_header X-Content-Type-Options nosniff;
  55.     add_header X-XSS-Protection "1; mode=block";
  56.  
  57.     # Proxy settings
  58.     location  / {
  59.         proxy_set_header    Host             $host;
  60.         proxy_set_header    X-Real-IP        $remote_addr;
  61.         proxy_set_header    X-Forwarded-For  $proxy_add_x_forwarded_for;
  62.         proxy_set_header    X-Client-Verify  SUCCESS;
  63.         proxy_set_header    X-Client-DN      $ssl_client_s_dn;
  64.         proxy_set_header    X-SSL-Subject    $ssl_client_s_dn;
  65.         proxy_set_header    X-SSL-Issuer     $ssl_client_i_dn;
  66.         proxy_set_header    X-Forwarded-Proto https;
  67.         # Adjust to your internal dynmap url - 127.0.0.1 = localhost
  68.         # proxy_pass http://<internal dynmap url>:<Port of Dynmap - Default: 8192>;
  69.         proxy_pass http://127.0.0.1:8192;
  70.         proxy_read_timeout 1800;
  71.         proxy_connect_timeout 1800;
  72.     }
  73. }
Tags: nginx webserver dynmap
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!