ssl configuration
parent
0be05488a9
commit
53ae8dd1a4
|
@ -1,19 +1,30 @@
|
|||
#origin git@github.com:ToywheelDev/gamewheel-gate.git
|
||||
server {
|
||||
listen 80;
|
||||
|
||||
server_name gate.gamewheel.local content.gamewheel.local asset.gamewheel.local;
|
||||
|
||||
root /usr/share/gamewheel/gate;
|
||||
|
||||
location / {
|
||||
proxy_pass_request_headers on;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-NginX-Proxy true;
|
||||
proxy_pass http://127.0.0.1:3115;
|
||||
proxy_ssl_session_reuse off;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_redirect off;
|
||||
}
|
||||
listen 80;
|
||||
return 301 https://$server_name$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
|
||||
include /etc/nginx/ssl.conf;
|
||||
|
||||
location / {
|
||||
#auth_basic "Restricted"; #For Basic Auth
|
||||
#auth_basic_user_file /etc/nginx/.htpasswd; #For Basic Auth
|
||||
|
||||
# redirect all HTTP traffic to userInterface1
|
||||
proxy_pass http://127.0.1:3115;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
# WebSocket support (nginx 1.4)
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
|
||||
# Path rewriting
|
||||
rewrite /(.*) /$1 break;
|
||||
proxy_redirect off;
|
||||
}
|
||||
}
|
|
@ -0,0 +1,6 @@
|
|||
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
|
||||
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
|
||||
ssl_session_timeout 5m;
|
||||
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
|
||||
ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
|
||||
ssl_prefer_server_ciphers on;
|
Loading…
Reference in New Issue