Skip to content

Instantly share code, notes, and snippets.

@muminoff
Created July 8, 2016 00:05
Show Gist options
  • Save muminoff/09d6f9b97fd4ce484e8229b9231ddf59 to your computer and use it in GitHub Desktop.
Save muminoff/09d6f9b97fd4ce484e8229b9231ddf59 to your computer and use it in GitHub Desktop.
# Ушбу конфигурация файл Nginx веб серверига тегишли бўлиб,
# фақатгина TAS-IX тармоғига тегишли бўлган IP манзилларга
# хизмат кўрсатиш ва бошқа (мир) IP манзилларни блоклаш учун ишлайди.
upstream nodejs_backend{
server 127.0.0.1:8000;
server 127.0.0.1:8001;
server 127.0.0.1:8002;
server 127.0.0.1:8003;
}
server {
listen 80;
server_name www.meningsaytim.uz;
return 301 https://meningsaytim.uz$request_uri;
}
server {
listen 80;
server_name meningsaytim.uz;
return 301 https://meningsaytim.uz$request_uri;
}
server {
listen 443 ssl;
server_name www.meningsaytim.uz;
return 301 https://meningsaytim.uz$request_uri;
ssl on;
ssl_certificate /etc/nginx/ssl/meningsaytim.uz.crt;
ssl_certificate_key /etc/nginx/ssl/meningsaytim.uz.key;
}
server {
listen 443 ssl;
server_name meningsaytim.uz;
root /home/ubuntu;
ssl on;
ssl_certificate /etc/nginx/ssl/meningsaytim.uz.crt;
ssl_certificate_key /etc/nginx/ssl/meningsaytim.uz.key;
# Using Amazon S3
# location /static {
# alias /home/ubuntu/staticfiles;
# }
location / {
allow 213.230.64.0/18;
allow 188.113.192.0/18;
allow 89.236.192.0/18;
allow 89.146.64.0/18;
allow 213.206.32.0/19;
allow 195.158.0.0/19;
allow 94.141.64.0/19;
allow 91.188.128.0/19;
allow 84.54.64.0/19;
allow 83.69.128.0/19;
allow 77.220.192.0/19;
allow 62.209.128.0/19;
allow 217.30.160.0/20;
allow 217.29.112.0/20;
allow 109.207.240.0/20;
allow 94.230.224.0/20;
allow 94.158.48.0/20;
allow 84.54.96.0/20;
allow 83.221.176.0/20;
allow 81.95.224.0/20;
allow 80.80.208.0/20;
allow 178.218.200.0/21;
allow 178.216.128.0/21;
allow 95.46.88.0/21;
allow 95.46.64.0/21;
allow 87.237.232.0/21;
allow 83.221.168.0/21;
allow 82.215.80.0/21;
allow 82.215.72.0/21;
allow 46.255.64.0/21;
allow 46.227.120.0/21;
allow 37.110.208.0/21;
allow 31.135.208.0/21;
allow 217.12.80.0/22;
allow 195.238.104.0/22;
allow 195.211.180.0/22;
allow 185.78.136.0/22;
allow 185.74.100.0/22;
allow 185.74.4.0/22;
allow 185.63.224.0/22;
allow 185.6.40.0/22;
allow 185.4.160.0/22;
allow 92.38.52.0/22;
allow 92.38.24.0/22;
allow 91.240.12.0/22;
allow 91.231.56.0/22;
allow 91.229.160.0/22;
allow 91.204.236.0/22;
allow 91.203.172.0/22;
allow 91.196.76.0/22;
allow 84.54.120.0/22;
allow 82.215.88.0/22;
allow 82.215.68.0/22;
allow 217.12.84.0/23;
allow 195.88.214.0/23;
allow 195.34.28.0/23;
allow 193.27.206.0/23;
allow 185.8.212.0/23;
allow 91.234.218.0/23;
allow 91.229.164.0/23;
allow 84.54.112.0/23;
allow 83.221.160.0/23;
allow 82.215.66.0/23;
allow 217.12.86.0/24;
allow 188.130.255.0/24;
allow 188.130.172.0/24;
allow 91.213.31.0/24;
allow 91.212.180.0/24;
allow 91.212.89.0/24;
allow 84.54.114.0/24;
allow 83.221.163.0/24;
allow 82.215.65.0/24;
allow 46.8.35.0/24;
deny all;
proxy_pass_header Server;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Scheme $scheme;
proxy_pass http://nodejs_backend;
proxy_next_upstream error;
}
access_log /var/log/nginx/meningsaytim.uz.access_log;
error_log /var/log/nginx/meningsaytim.uz.error_log;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment