Skip to content

Instantly share code, notes, and snippets.



Last active Dec 18, 2018
What would you like to do?
# Sample Nginx configuration for Misskey
# 1. Replace example.tld to your domain
# 2. Copy to /etc/nginx/sites-enabled
# or copy to /etc/nginx/sites-available and symlink from /etc/nginx/sites-ebabled
# For WebSockets
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
proxy_cache_path /tmp/nginx_cache levels=1:2 keys_zone=cache1:16m max_size=1g inactive=720m use_temp_path=off;
server {
listen 80;
listen [::]:80;
server_name example.tld;
# For SSL domain validation
root /var/www/html;
location /.well-known/acme-challenge/ { allow all; }
location /.well-known/pki-validation/ { allow all; }
location / { return 301 https://$server_name$request_uri; }
server {
listen 443 http2;
listen [::]:443 http2;
server_name example.tld;
ssl on;
ssl_session_timeout 5m;
# To use letsencrypt certificate
#ssl_certificate /etc/letsencrypt/live/example.tld/fullchain.pem;
#ssl_certificate_key /etc/letsencrypt/live/example.tld/privkey.pem;
# To use Debian/Ubuntu's self-signed certificate (For testing or before issuing a certificate)
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
# SSL protocol settings
ssl_protocols TLSv1 TLSv1.2;
ssl_prefer_server_ciphers on;
# Change to your upload limit
client_max_body_size 80m;
# Proxy to Node
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_http_version 1.1;
proxy_redirect off;
# For WebSockets
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
# Cache settings
proxy_cache cache1;
proxy_cache_lock on;
proxy_cache_use_stale updating;
add_header X-Cache $upstream_cache_status;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment