Last active
September 5, 2017 22:13
-
-
Save ishanjain28/615b38a4ae7720f966a00cb73c7614d8 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# nginx reverse proxy configuration for hosting two websites on one server | |
# File has to be saved in /etc/nginx/sites-available/website | |
# Then link it and store that in ../sites-enabled | |
# Also this configuration can be used to enable https on a website, Remove the third server {} block. | |
server { | |
# Redirect from http to https | |
listen 80; | |
listen [::]:80 default_server; | |
return 301 https://$host$request_uri; | |
} | |
server { | |
# Listen on port 443, Enable ssl and HTTP/2 | |
listen 443 ssl http2; | |
# Server Name | |
server_name coer-portal.ishanjain.me; | |
# ssl certificate configuration | |
ssl_certificate /etc/letsencrypt/live/coer-portal.ishanjain.me/fullchain.pem; | |
ssl_certificate_key /etc/letsencrypt/live/coer-portal.ishanjain.me/privkey.pem; | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
ssl_prefer_server_ciphers on; | |
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; | |
# Enable Underscores in Headers | |
underscores_in_headers on; | |
location / { | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-NginX-Proxy true; | |
proxy_pass http://localhost:3000/; | |
proxy_ssl_session_reuse off; | |
proxy_set_header Host $http_host; | |
proxy_cache_bypass $http_upgrade; | |
proxy_redirect off; | |
} | |
} | |
server { | |
listen 443 ssl http2; | |
server_name coer-backend.ishanjain.me; | |
ssl_certificate /etc/letsencrypt/live/coer-backend.ishanjain.me/fullchain.pem; | |
ssl_certificate_key /etc/letsencrypt/live/coer-backend.ishanjain.me/privkey.pem; | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
ssl_prefer_server_ciphers on; | |
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; | |
location / { | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-NginX-Proxy true; | |
proxy_pass http://localhost:5000/; | |
proxy_ssl_session_reuse off; | |
proxy_set_header Host $http_host; | |
proxy_cache_bypass $http_upgrade; | |
proxy_redirect off; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment