Advertisement
fedorm

nginxproduction

Dec 17th, 2019
446
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.49 KB | None | 0 0
  1. events { }
  2. http {
  3. sendfile on;
  4. tcp_nopush on;
  5. tcp_nodelay on;
  6. keepalive_timeout 15;
  7. types_hash_max_size 2048;
  8. server_tokens off;
  9.  
  10. include /etc/nginx/mime.types;
  11. default_type text/javascript;
  12.  
  13. access_log off;
  14. error_log /var/log/nginx/error.log;
  15.  
  16. gzip on;
  17. gzip_min_length 100;
  18. gzip_http_version 1.1;
  19. gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
  20.  
  21. client_max_body_size 8M;
  22.  
  23. server {
  24. listen 80;
  25. server_name tkoegais.ru lk.tkoegais.ru lk.tko.ac-mpr.ru tko.ac-mpr.ru;
  26. server_tokens off;
  27.  
  28. location /.well-known/acme-challenge/ {
  29. root /var/www/certbot;
  30. }
  31.  
  32. location / {
  33. return 301 https://$host$request_uri;
  34. }
  35. }
  36.  
  37. server {
  38. listen 443 ssl;
  39. server_name tkoegais.ru www.tkoegais.ru;
  40. rewrite_log on;
  41.  
  42. ssl_certificate /etc/letsencrypt/live/tkoegais.ru/fullchain.pem;
  43. ssl_certificate_key /etc/letsencrypt/live/tkoegais.ru/privkey.pem;
  44. include /etc/letsencrypt/options-ssl-nginx.conf;
  45. ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
  46.  
  47. add_header Strict-Transport-Security 'max-age=604800';
  48.  
  49. location / {
  50. root /var/www/egais;
  51. try_files $uri /index.html;
  52. }
  53.  
  54. location /support/ {
  55. root /var/data/egais/;
  56. }
  57.  
  58. location /egais-api {
  59. proxy_pass http://egais_web_server:8081;
  60. proxy_redirect off;
  61. #proxy_redirect default;
  62. client_max_body_size 5m;
  63. proxy_connect_timeout 600;
  64. proxy_send_timeout 600;
  65. proxy_read_timeout 600;
  66. proxy_pass_request_headers on;
  67. proxy_set_header Host $host;
  68. proxy_set_header X-URI $uri;
  69. proxy_set_header X-ARGS $args;
  70. proxy_set_header Refer $http_refer;
  71. proxy_set_header X-Real-IP $remote_addr;
  72. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  73. proxy_set_header X-Forwarded-Proto $scheme;
  74. }
  75.  
  76. location /egais-api/management {
  77. auth_basic "Administrator area";
  78. auth_basic_user_file /etc/nginx/htpasswd;
  79. proxy_pass http://egais_web_server:8081;
  80. proxy_redirect off;
  81. #proxy_redirect default;
  82. client_max_body_size 5m;
  83. proxy_connect_timeout 600;
  84. proxy_send_timeout 600;
  85. proxy_read_timeout 600;
  86. proxy_pass_request_headers on;
  87. proxy_set_header Host $host;
  88. proxy_set_header X-URI $uri;
  89. proxy_set_header X-ARGS $args;
  90. proxy_set_header Refer $http_refer;
  91. proxy_set_header X-Real-IP $remote_addr;
  92. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  93. proxy_set_header X-Forwarded-Proto $scheme;
  94. }
  95.  
  96. location /api/v2/websocket/ {
  97. access_log off;
  98.  
  99. proxy_pass http://localhost:9999;
  100. proxy_set_header X-Real-IP $remote_addr;
  101. proxy_set_header Host $host;
  102. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  103.  
  104. # WebSocket support (nginx 1.4)
  105. proxy_http_version 1.1;
  106. proxy_set_header Upgrade $http_upgrade;
  107. proxy_set_header Connection "upgrade";
  108.  
  109. # Path rewriting
  110. #rewrite /api/v2/websocket/(.*) /$1 break;
  111. proxy_redirect off;
  112. }
  113. }
  114. server {
  115. listen 80;
  116. server_name lk.tkoegais.ru lk.tko.ac-mpr.ru;
  117. server_tokens off;
  118.  
  119. location / {
  120. return 301 https://$host$request_uri;
  121. }
  122. }
  123.  
  124. server {
  125. listen 443 ssl;
  126. server_name lk.tkoegais.ru lk.tko.ac-mpr.ru;
  127. rewrite_log on;
  128.  
  129. ssl_certificate /etc/letsencrypt/live/tkoegais.ru/fullchain.pem;
  130. ssl_certificate_key /etc/letsencrypt/live/tkoegais.ru/privkey.pem;
  131. include /etc/letsencrypt/options-ssl-nginx.conf;
  132. ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
  133.  
  134. add_header Strict-Transport-Security 'max-age=604800';
  135.  
  136.  
  137. location / {
  138. root /var/www/egaislk;
  139. try_files $uri /index.html;
  140. }
  141.  
  142. location /support/ {
  143. root /var/data/egais/;
  144. }
  145.  
  146. location /egaislk-api {
  147. proxy_pass http://egais_userpanel_server:8080;
  148. proxy_redirect off;
  149. #proxy_redirect default;
  150. client_max_body_size 5m;
  151. proxy_connect_timeout 600;
  152. proxy_send_timeout 600;
  153. proxy_read_timeout 600;
  154. proxy_pass_request_headers on;
  155. proxy_set_header Host $host;
  156. proxy_set_header X-URI $uri;
  157. proxy_set_header X-ARGS $args;
  158. proxy_set_header Refer $http_refer;
  159. proxy_set_header X-Real-IP $remote_addr;
  160. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  161. proxy_set_header X-Forwarded-Proto $scheme;
  162. }
  163.  
  164. location /egaislk-api/management {
  165. auth_basic "Administrator area";
  166. auth_basic_user_file /etc/nginx/htpasswd;
  167. proxy_pass http://egais_userpanel_server:8080;
  168. proxy_redirect off;
  169. #proxy_redirect default;
  170. client_max_body_size 5m;
  171. proxy_connect_timeout 600;
  172. proxy_send_timeout 600;
  173. proxy_read_timeout 600;
  174. proxy_pass_request_headers on;
  175. proxy_set_header Host $host;
  176. proxy_set_header X-URI $uri;
  177. proxy_set_header X-ARGS $args;
  178. proxy_set_header Refer $http_refer;
  179. proxy_set_header X-Real-IP $remote_addr;
  180. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  181. proxy_set_header X-Forwarded-Proto $scheme;
  182. }
  183. }
  184. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement