bha123/gist:12542ba6aca81d62952b

## gistfile1.txt
user vcap;
worker_processes 2;
daemon off;

error_log /var/vcap/sys/log/director/error.log;
pid       /var/vcap/sys/run/director/nginx.pid;

events {
  worker_connections 8192;
}

http {
  include      /var/vcap/jobs/director/config/mime.types;
  default_type text/html;

  log_format timed_combined '$remote_addr - $remote_user [$time_local] '
                            '"$request" $status $body_bytes_sent '
                            '"$http_referer" "$http_user_agent" '
                            '$request_time $upstream_response_time $pipe';

  access_log    /var/vcap/sys/log/director/access.log timed_combined;
  server_tokens off;

  sendfile    off;
  tcp_nopush  on;
  tcp_nodelay on;

  keepalive_timeout    7200;


  client_max_body_size 10000m;

  upstream director {
    server 127.0.0.1:25556;
  }

  server {

    listen 25555;

    ssl                 on;
    ssl_certificate     /var/vcap/store/director/nginx/director.pem;
    ssl_certificate_key /var/vcap/store/director/nginx/director.key;
    ssl_session_timeout 7200;
    ssl_prefer_server_ciphers On;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK;

    proxy_set_header    Host              $host;
    proxy_set_header    X-Real-IP         $remote_addr;
    proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
    proxy_set_header    X-Forwarded-Proto $scheme;

    proxy_read_timeout       900;
    proxy_max_temp_file_size 0;

    location / {
      proxy_pass http://director;

      if ($content_type = "application/x-compressed") {
        more_set_input_headers "Content-Disposition: attachment";

        # Pass altered request body to this location
        upload_pass @director_upload;

        upload_resumable on;

        # Store files to this directory
        upload_store /var/vcap/data/tmp/director/;

        # Allow uploaded files to be read only by user
        upload_store_access user:r;

        # Set specified fields in request body
        upload_set_form_field "nginx_upload_path" $upload_tmp_path;

        # On any error, delete uploaded files.
        upload_cleanup 400-505;
      }
    }

    location @director_upload {
      proxy_pass http://director;
    }
  }

  gzip                 on;
  gzip_min_length      1250;
  gzip_buffers         16 8k;
  gzip_comp_level      2;
  gzip_proxied         any;
  gzip_types           text/plain text/css application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
  gzip_vary            on;
  gzip_disable         "MSIE [1-6]\.(?!.*SV1)";
}
	user vcap;
	worker_processes 2;
	daemon off;

	error_log /var/vcap/sys/log/director/error.log;
	pid /var/vcap/sys/run/director/nginx.pid;

	events {
	worker_connections 8192;
	}

	http {
	include /var/vcap/jobs/director/config/mime.types;
	default_type text/html;

	log_format timed_combined '$remote_addr - $remote_user [$time_local] '
	'"$request" $status $body_bytes_sent '
	'"$http_referer" "$http_user_agent" '
	'$request_time $upstream_response_time $pipe';

	access_log /var/vcap/sys/log/director/access.log timed_combined;
	server_tokens off;

	sendfile off;
	tcp_nopush on;
	tcp_nodelay on;

	keepalive_timeout 7200;


	client_max_body_size 10000m;

	upstream director {
	server 127.0.0.1:25556;
	}

	server {

	listen 25555;

	ssl on;
	ssl_certificate /var/vcap/store/director/nginx/director.pem;
	ssl_certificate_key /var/vcap/store/director/nginx/director.key;
	ssl_session_timeout 7200;
	ssl_prefer_server_ciphers On;
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK;

	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;

	proxy_read_timeout 900;
	proxy_max_temp_file_size 0;

	location / {
	proxy_pass http://director;

	if ($content_type = "application/x-compressed") {
	more_set_input_headers "Content-Disposition: attachment";

	# Pass altered request body to this location
	upload_pass @director_upload;

	upload_resumable on;

	# Store files to this directory
	upload_store /var/vcap/data/tmp/director/;

	# Allow uploaded files to be read only by user
	upload_store_access user:r;

	# Set specified fields in request body
	upload_set_form_field "nginx_upload_path" $upload_tmp_path;

	# On any error, delete uploaded files.
	upload_cleanup 400-505;
	}
	}

	location @director_upload {
	proxy_pass http://director;
	}
	}

	gzip on;
	gzip_min_length 1250;
	gzip_buffers 16 8k;
	gzip_comp_level 2;
	gzip_proxied any;
	gzip_types text/plain text/css application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
	gzip_vary on;
	gzip_disable "MSIE [1-6]\.(?!.*SV1)";
	}