ngw/gist:f97adc4194b08ea355c8 Secret

## gistfile1.txt
upstream server {
  server 0.0.0.0:8080;
}

server {
  listen 4567  default_server ssl;
  server_name  sandbox.thing.it;
  ssl_certificate  /Users/ngw/thing/server.crt;
  ssl_certificate_key /Users/ngw/thing/server.key;
  ssl_stapling on;
  ssl_stapling_verify on;
  ssl_trusted_certificate /etc/ssl/cert/RapidSSL_CA_bundle.pem;
  resolver 8.8.8.8 8.8.4.4 valid=300s;
  resolver_timeout 10s;

  ssl_prefer_server_ciphers On;
  ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;

 location / {
   proxy_pass http://server;
   proxy_set_header Host $host;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 }
}
	upstream server {
	server 0.0.0.0:8080;
	}

	server {
	listen 4567 default_server ssl;
	server_name sandbox.thing.it;
	ssl_certificate /Users/ngw/thing/server.crt;
	ssl_certificate_key /Users/ngw/thing/server.key;
	ssl_stapling on;
	ssl_stapling_verify on;
	ssl_trusted_certificate /etc/ssl/cert/RapidSSL_CA_bundle.pem;
	resolver 8.8.8.8 8.8.4.4 valid=300s;
	resolver_timeout 10s;

	ssl_prefer_server_ciphers On;
	ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;

	location / {
	proxy_pass http://server;
	proxy_set_header Host $host;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	}
	}