goodGid/Nginx Conf

## Nginx Conf
# Set Load Balance
upstream odot_servers {

  # Traffic Distribute Strategy
  # 1. Round Robin
  #       Default Strategy
  # 2. ip_hash;
  #       Same ip address are always assigned to the same server
  # 3. least_conn;
  #       Distribute reqeust to the server with the fewest connections.

  ip_hash;
  server localhost:8080;
  server localhost:8081;
}

server {
  listen 80;
  server_name 1.1.1.1;

  # The nginx version is not specified in the response header Because of security.
  # default : on
  server_tokens off;

  # Protect XSS Attack
  add_header X-XSS-Protection "1; mode=block";

  location / {

    # Set Custom Header
    add_header author "goodGid";

    # If you want to request directly
    proxy_pass http://localhost:8080;

    # If you want to use Load Balancer
    # proxy_pass http://odot_servers;

    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;

    # If 'access.log' file doesn't exist, it was automatically generated.
    # However, the 'nginx_log' directory must be created.
    access_log /home/ubuntu/.../nginx_log/access.log;
  }
}

# If you want to use HTTPS
server {
  listen 443 ssl;
  server_name {{Domain Name}};
  # ex) server_name goodgid.ga;
  ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4:!DH;
  ssl_prefer_server_ciphers on;
  ssl_certificate /etc/letsencrypt/live/{{Domain Name}}/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/{{Domain Name}}/privkey.pem;

  # The nginx version is not specified in the response header Because of security.
  # default : on
  server_tokens off;

  # Protect XSS Attack
  add_header X-XSS-Protection "1; mode=block";

  location / {

    # Set Custom Header
    add_header author "goodGid";

    # If you want to request directly
    proxy_pass http://localhost:8080;

    # If you want to use Load Balancer
    # proxy_pass http://odot_servers;

    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;

    # If 'access.log' file doesn't exist, it was automatically generated.
    # However, the 'nginx_log' directory must be created.
    access_log /home/ubuntu/.../nginx_log/access.log;
  }
}
	# Set Load Balance
	upstream odot_servers {

	# Traffic Distribute Strategy
	# 1. Round Robin
	# Default Strategy
	# 2. ip_hash;
	# Same ip address are always assigned to the same server
	# 3. least_conn;
	# Distribute reqeust to the server with the fewest connections.

	ip_hash;
	server localhost:8080;
	server localhost:8081;
	}

	server {
	listen 80;
	server_name 1.1.1.1;

	# The nginx version is not specified in the response header Because of security.
	# default : on
	server_tokens off;

	# Protect XSS Attack
	add_header X-XSS-Protection "1; mode=block";

	location / {

	# Set Custom Header
	add_header author "goodGid";

	# If you want to request directly
	proxy_pass http://localhost:8080;

	# If you want to use Load Balancer
	# proxy_pass http://odot_servers;

	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header Host $http_host;

	# If 'access.log' file doesn't exist, it was automatically generated.
	# However, the 'nginx_log' directory must be created.
	access_log /home/ubuntu/.../nginx_log/access.log;
	}
	}

	# If you want to use HTTPS
	server {
	listen 443 ssl;
	server_name {{Domain Name}};
	# ex) server_name goodgid.ga;
	ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4:!DH;
	ssl_prefer_server_ciphers on;
	ssl_certificate /etc/letsencrypt/live/{{Domain Name}}/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/{{Domain Name}}/privkey.pem;

	# The nginx version is not specified in the response header Because of security.
	# default : on
	server_tokens off;

	# Protect XSS Attack
	add_header X-XSS-Protection "1; mode=block";

	location / {

	# Set Custom Header
	add_header author "goodGid";

	# If you want to request directly
	proxy_pass http://localhost:8080;

	# If you want to use Load Balancer
	# proxy_pass http://odot_servers;

	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header Host $http_host;

	# If 'access.log' file doesn't exist, it was automatically generated.
	# However, the 'nginx_log' directory must be created.
	access_log /home/ubuntu/.../nginx_log/access.log;
	}
	}