-
-
Save bcoe/0f2ca5e644d464f40f9937c9787a244c to your computer and use it in GitHub Desktop.
ibm-nginx.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
user root; | |
worker_processes 1; | |
pid /var/run/nginx.pid; | |
worker_rlimit_nofile 30000; | |
events { | |
# After increasing this value You probably should increase limit | |
# of file descriptors (for example in start_precmd in startup script) | |
worker_connections 4096; | |
} | |
http { | |
upstream website { | |
server 127.0.0.1:8081; | |
} | |
upstream registry { | |
# 8080 direct 6081 varnish | |
server 127.0.0.1:6081; | |
} | |
client_max_body_size 200M; | |
include /etc/nginx/mime.types; | |
default_type application/octet-stream; | |
log_format main '$remote_addr - $remote_user [$time_local] "$request" ' | |
'$status $body_bytes_sent "$http_referer" ' | |
'"$http_user_agent" "$http_x_forwarded_for"'; | |
access_log /var/log/nginx/access.log main; | |
sendfile on; | |
keepalive_timeout 65; | |
# npm Enterprise on HTTPS. | |
server { | |
listen 443; | |
server_name npm.whitewater.ibm.com; | |
ssl on; | |
ssl_certificate /etc/nginx/wildcard.pem; | |
ssl_certificate_key /etc/nginx/wildcard.pem; | |
ssl_session_timeout 5m; | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
ssl_prefer_server_ciphers on; | |
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"; | |
location / { | |
proxy_pass http://website; | |
proxy_pass_request_headers on; | |
} | |
} | |
server { | |
listen 443; | |
server_name npm-registry.whitewater.ibm.com; | |
ssl on; | |
ssl_certificate /etc/nginx/wildcard.pem; | |
ssl_certificate_key /etc/nginx/wildcard.pem; | |
ssl_session_timeout 5m; | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
ssl_prefer_server_ciphers on; | |
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"; | |
location / { | |
proxy_pass http://registry; | |
proxy_pass_request_headers on; | |
} | |
} | |
# npm Enterprise on HTTPS. | |
server { | |
listen 4443; | |
server_name npm.whitewater.ibm.com; | |
ssl on; | |
ssl_certificate /etc/nginx/wildcard.pem; | |
ssl_certificate_key /etc/nginx/wildcard.pem; | |
ssl_session_timeout 5m; | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
ssl_prefer_server_ciphers on; | |
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"; | |
location / { | |
proxy_pass http://registry; | |
proxy_pass_request_headers on; | |
} | |
} | |
# npm Enterprise on HTTP. | |
server { | |
listen 80; | |
server_name npm.whitewater.ibm.com; | |
rewrite ^ https://$server_name$request_uri? permanent; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment