Skip to content

Instantly share code, notes, and snippets.

@MadMartigan
Created March 10, 2017 15:44
Show Gist options
  • Save MadMartigan/641318f4d3b407cb8eeac79a591944c1 to your computer and use it in GitHub Desktop.
Save MadMartigan/641318f4d3b407cb8eeac79a591944c1 to your computer and use it in GitHub Desktop.
Postgrest SSL reverse proxy config for nginx
# domain.com nginx config
server {
listen 443;
server_name domain.com;
return 301 https://www.$server_name$request_uri;
}
server {
listen 80;
server_name domain.com;
return 301 https://www.$server_name$request_uri;
}
server {
listen 443;
server_name www.domain.com;
ssl on;
ssl_certificate /usr/share/nginx/certs/www_domain_com.pem;
ssl_certificate_key /usr/share/nginx/certs/www_domain_com.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/www_domain_com.access_log;
error_log /var/log/nginx/www_domain_com.error_log;
location / {
#expires -1;
proxy_pass http://127.0.0.1:3001;
proxy_set_header X-Real-IP $remote_addr;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
server_tokens off;
include cors_support;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment