Created
December 26, 2020 14:56
-
-
Save cool-mist/8de5dc86a8b6a0cdf274ca1e8307c857 to your computer and use it in GitHub Desktop.
Hosting Minecraft with rcon-web behind nginx with SSL
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
user www-data; | |
worker_processes auto; | |
pid /run/nginx.pid; | |
include /etc/nginx/modules-enabled/*.conf; | |
events { | |
worker_connections 768; | |
} | |
http { | |
tcp_nopush on; | |
tcp_nodelay on; | |
keepalive_timeout 65; | |
types_hash_max_size 2048; | |
include /etc/nginx/mime.types; | |
default_type application/octet-stream; | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE | |
ssl_prefer_server_ciphers on; | |
access_log /var/log/nginx/access.log; | |
error_log /var/log/nginx/error.log; | |
gzip on; | |
include /etc/nginx/conf.d/*.conf; | |
map $http_upgrade $connection_upgrade { | |
default upgrade; | |
'' close; | |
} | |
server { | |
listen 443 ssl; | |
ssl_certificate /etc/letsencrypt/live/${domain}/fullchain.pem; | |
ssl_certificate_key /etc/letsencrypt/live/{domain}-0001/privkey.pem; | |
include /etc/letsencrypt/options-ssl-nginx.conf; | |
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; | |
keepalive_timeout 70; | |
server_name minecraft.${domain}; | |
location / { | |
proxy_pass http://127.0.0.1:4326; | |
} | |
} | |
server { | |
listen 25555 ssl default_server; | |
ssl_certificate /etc/letsencrypt/live/${domain}-0001/fullchain.pem; | |
ssl_certificate_key /etc/letsencrypt/live/${domain}-0001/privkey.pem; | |
include /etc/letsencrypt/options-ssl-nginx.conf; | |
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; | |
keepalive_timeout 70; | |
location / { | |
proxy_pass http://127.0.0.1:4327; | |
proxy_http_version 1.1; | |
proxy_set_header Upgrade $http_upgrade; | |
proxy_set_header Connection "upgrade"; | |
proxy_read_timeout 86400; | |
} | |
} | |
server { | |
listen 80 default_server; | |
server_name _; | |
if ( $host = "minecraft.${domain}") { | |
return 301 http://$host:8080$request_uri; | |
} | |
return 301 https://$host$request_uri; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment