Format & Clean
This commit is contained in:
parent
6259f0be35
commit
9c13cc42d4
GPG Key ID:
C99B82E40B027BAE
|
|
@ -1,13 +1,13 @@
|
|||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
|
||||
root /var/www/html;
|
||||
index index.html;
|
||||
root /var/www/html;
|
||||
index index.html;
|
||||
|
||||
server_name my.domain.com;
|
||||
server_name my.domain.com;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/my.domain.com/fullchain.pem;
|
||||
ssl_certificate /etc/letsencrypt/live/my.domain.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/my.domain.com/privkey.pem;
|
||||
include /etc/nginx/snippets/ssl_options.conf;
|
||||
|
||||
|
|
@ -16,13 +16,12 @@ server {
|
|||
client_max_body_size 5M;
|
||||
client_body_buffer_size 256K;
|
||||
|
||||
sendfile on;
|
||||
send_timeout 600s;
|
||||
|
||||
sendfile on;
|
||||
send_timeout 600s;
|
||||
|
||||
location / {
|
||||
proxy_pass http://192.168.2.1/;
|
||||
proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;
|
||||
location / {
|
||||
proxy_pass http://192.168.2.1/;
|
||||
proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;
|
||||
|
||||
proxy_buffering on;
|
||||
proxy_buffers 12 12k;
|
||||
|
|
@ -33,5 +32,5 @@ server {
|
|||
proxy_set_header X-Forwarded-Proto https;
|
||||
proxy_set_header X-Forwarded-Port 443;
|
||||
proxy_set_header Host $host;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
server {
|
||||
listen 80 default_server;
|
||||
listen [::]:80 default_server ipv6only=on;
|
||||
|
||||
|
||||
server_name *.de ;
|
||||
|
||||
include /etc/nginx/snippets/letsencrypt.conf;
|
||||
|
|
|
|||
|
|
@ -1,32 +1,32 @@
|
|||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
|
||||
root /var/www/html;
|
||||
index index.html;
|
||||
root /var/www/html;
|
||||
index index.html;
|
||||
|
||||
server_name cloud.domain.com;
|
||||
server_name cloud.domain.com;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/cloud.domain.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/cloud.domain.com/privkey.pem;
|
||||
include /etc/nginx/snippets/ssl_options.conf;
|
||||
ssl_certificate /etc/letsencrypt/live/cloud.domain.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/cloud.domain.com/privkey.pem;
|
||||
include /etc/nginx/snippets/ssl_options.conf;
|
||||
|
||||
client_body_in_file_only clean;
|
||||
client_body_buffer_size 128K;
|
||||
client_body_in_file_only clean;
|
||||
client_body_buffer_size 128K;
|
||||
|
||||
client_max_body_size 5g;
|
||||
client_max_body_size 5g;
|
||||
|
||||
sendfile on;
|
||||
send_timeout 600s;
|
||||
sendfile on;
|
||||
send_timeout 600s;
|
||||
|
||||
location / {
|
||||
proxy_pass http://192.168.2.2/;
|
||||
proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;
|
||||
location / {
|
||||
proxy_pass http://192.168.2.2/;
|
||||
proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;
|
||||
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_redirect off;
|
||||
}
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_redirect off;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,13 +0,0 @@
|
|||
# regex to split $uri to $fastcgi_script_name and $fastcgi_path
|
||||
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
||||
|
||||
# Check that the PHP script exists before passing it
|
||||
try_files $fastcgi_script_name =404;
|
||||
|
||||
# Bypass the fact that try_files resets $fastcgi_path_info
|
||||
# see: http://trac.nginx.org/nginx/ticket/321
|
||||
set $path_info $fastcgi_path_info;
|
||||
fastcgi_param PATH_INFO $path_info;
|
||||
|
||||
fastcgi_index index.php;
|
||||
include fastcgi.conf;
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
# Self signed certificates generated by the ssl-cert package
|
||||
# Don't use them in a production server!
|
||||
|
||||
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
|
||||
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
|
||||
|
|
@ -1,15 +0,0 @@
|
|||
ssl_session_timeout 1d;
|
||||
ssl_session_cache shared:SSL:50m;
|
||||
ssl_session_tickets off;
|
||||
|
||||
ssl_protocols TLSv1.2;
|
||||
ssl_ciphers EECDH+AESGCM:EECDH+AES;
|
||||
ssl_ecdh_curve secp384r1;
|
||||
ssl_prefer_server_ciphers on;
|
||||
|
||||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload";
|
||||
add_header X-Frame-Options DENY;
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
|
|
@ -1,9 +1,15 @@
|
|||
ssl_session_timeout 1d;
|
||||
ssl_session_cache shared:SSL:50m;
|
||||
ssl_session_tickets off;
|
||||
|
||||
ssl_protocols TLSv1.2 TLSv1.3;
|
||||
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_dhparam /etc/ssl/certs/dhparam.pem;
|
||||
ssl_session_cache shared:SSL:50m;
|
||||
|
||||
ssl_stapling on;
|
||||
ssl_stapling_verify on;
|
||||
|
||||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains" always;
|
||||
add_header X-Frame-Options DENY;
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
|
|
|
|||
Loading…
Reference in New Issue