Created
October 19, 2011 02:20
-
-
Save tribeofdan/1297333 to your computer and use it in GitHub Desktop.
tribe_of_dans BOA SSL set up...
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### | |
### Plain HTTP proxy to add more IPs for HTTP connections (START) | |
### | |
### CREATE THIS FILE AS: /var/aegir/config/server_master/nginx/pre.d/extra_ip.conf | |
### | |
upstream extra_ip { | |
server 173.230.150.128:80; | |
} | |
server { | |
listen 74.207.245.68:80; | |
server_name _; | |
location / { | |
proxy_pass http://extra_ip; | |
proxy_redirect off; | |
proxy_set_header Host $host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-By $server_addr:$server_port; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_connect_timeout 90; | |
proxy_send_timeout 90; | |
proxy_read_timeout 90; | |
proxy_buffer_size 4k; | |
proxy_buffers 4 32k; | |
proxy_busy_buffers_size 64k; | |
proxy_temp_file_write_size 64k; | |
access_log off; | |
} | |
} | |
### | |
### Plain HTTP proxy to add more IPs for HTTP connections (END) | |
### | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### | |
### Secure HTTPS proxy to add more IPs for HTTPS connections (START) | |
### | |
### CREATE THIS FILE AS: /var/aegir/config/server_master/nginx/pre.d/extra_ip_ssl.conf | |
### | |
upstream extra_ip_ssl { | |
server 173.230.150.128:80; | |
} | |
### | |
### FOR abc-ssl-enabled-domain.com | |
### | |
server { | |
listen 74.207.245.68:443; | |
server_name _; | |
ssl on; | |
ssl_certificate /etc/ssl/private/stratos.com.au.combined.crt; | |
ssl_certificate_key /etc/ssl/private/stratos.com.au.key; | |
ssl_session_timeout 5m; | |
ssl_protocols SSLv3 TLSv1; | |
ssl_ciphers HIGH:!ADH:!MD5; | |
ssl_prefer_server_ciphers on; | |
keepalive_timeout 70; | |
location / { | |
proxy_pass http://extra_ip_ssl; | |
proxy_redirect off; | |
proxy_set_header Host $host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-By $server_addr:$server_port; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
proxy_connect_timeout 90; | |
proxy_send_timeout 90; | |
proxy_read_timeout 90; | |
proxy_buffer_size 4k; | |
proxy_buffers 4 32k; | |
proxy_busy_buffers_size 64k; | |
proxy_temp_file_write_size 64k; | |
access_log off; | |
} | |
} | |
### | |
### Secure HTTPS proxy to add more IPs for HTTPS connections (END) | |
### | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment