kenperkins/nginx.conf Secret

## nginx.conf
user www-data;
worker_processes 4;
pid /run/nginx.pid;

events {
	worker_connections 768;
}

http {
	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 65;
	types_hash_max_size 2048;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log;

	gzip on;
	gzip_disable "msie6";

	include /etc/nginx/sites-enabled/*;
}

## ssl.nginx.conf
ssl                     on;
ssl_ciphers             AES256-SHA:AES128-SHA:RC4-SHA:RC4-MD5;

## vhost1.nginxconf
#
# HTTPS/SSL Server #########################################################
#

upstream foo {
  server app-01.private.example.com:1000;
}

server {
  listen          1.2.3.4:443 ssl;
  server_name     foo.com;

  include conf.d/ssl.conf;
  ssl_certificate     /etc/nginx/certs/foo.com-combined.crt;
  ssl_certificate_key /etc/nginx/certs/foo.com.key;

  location / {
    proxy_pass  https://foo;
  }
}

server {
  listen          1.2.3.4:443 ssl;
  server_name     www.foo.com;

  include conf.d/ssl.conf;
  ssl_certificate     /etc/nginx/certs/foo.com-combined.crt;
  ssl_certificate_key /etc/nginx/certs/foo.com.key;

  rewrite ^ $scheme://foo.com$request_uri? permanent;
}

server {
  listen         1.2.3.4:80;
  server_name    foo.com www.foo.com;
  rewrite        ^ https://$server_name$request_uri? permanent;
}

## vhost2.nginxconf
#
# HTTPS/SSL Server #########################################################
#

upstream bar {
  server app-01.private.example.com:1001;
}

server {
  listen          1.2.3.4:443 ssl;
  server_name     bar.com;

  include conf.d/ssl.conf;
  ssl_certificate     /etc/nginx/certs/bar.com-combined.crt;
  ssl_certificate_key /etc/nginx/certs/bar.com.key;

  location / {
    proxy_pass  https://bar;
  }
}

server {
  listen          1.2.3.4:443 ssl;
  server_name     www.bar.com;

  include conf.d/ssl.conf;
  ssl_certificate     /etc/nginx/certs/bar.com-combined.crt;
  ssl_certificate_key /etc/nginx/certs/bar.com.key;

  rewrite ^ $scheme://bar.com$request_uri? permanent;
}

server {
  listen         1.2.3.4:80;
  server_name    bar.com www.bar.com;
  rewrite        ^ https://$server_name$request_uri? permanent;
}
	user www-data;
	worker_processes 4;
	pid /run/nginx.pid;

	events {
	worker_connections 768;
	}

	http {
	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 65;
	types_hash_max_size 2048;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log;

	gzip on;
	gzip_disable "msie6";

	include /etc/nginx/sites-enabled/*;
	}
	#
	# HTTPS/SSL Server #########################################################
	#

	upstream foo {
	server app-01.private.example.com:1000;
	}

	server {
	listen 1.2.3.4:443 ssl;
	server_name foo.com;

	include conf.d/ssl.conf;
	ssl_certificate /etc/nginx/certs/foo.com-combined.crt;
	ssl_certificate_key /etc/nginx/certs/foo.com.key;

	location / {
	proxy_pass https://foo;
	}
	}

	server {
	listen 1.2.3.4:443 ssl;
	server_name www.foo.com;

	include conf.d/ssl.conf;
	ssl_certificate /etc/nginx/certs/foo.com-combined.crt;
	ssl_certificate_key /etc/nginx/certs/foo.com.key;

	rewrite ^ $scheme://foo.com$request_uri? permanent;
	}

	server {
	listen 1.2.3.4:80;
	server_name foo.com www.foo.com;
	rewrite ^ https://$server_name$request_uri? permanent;
	}
	#
	# HTTPS/SSL Server #########################################################
	#

	upstream bar {
	server app-01.private.example.com:1001;
	}

	server {
	listen 1.2.3.4:443 ssl;
	server_name bar.com;

	include conf.d/ssl.conf;
	ssl_certificate /etc/nginx/certs/bar.com-combined.crt;
	ssl_certificate_key /etc/nginx/certs/bar.com.key;

	location / {
	proxy_pass https://bar;
	}
	}

	server {
	listen 1.2.3.4:443 ssl;
	server_name www.bar.com;

	include conf.d/ssl.conf;
	ssl_certificate /etc/nginx/certs/bar.com-combined.crt;
	ssl_certificate_key /etc/nginx/certs/bar.com.key;

	rewrite ^ $scheme://bar.com$request_uri? permanent;
	}

	server {
	listen 1.2.3.4:80;
	server_name bar.com www.bar.com;
	rewrite ^ https://$server_name$request_uri? permanent;
	}