Created
October 30, 2014 10:55
-
-
Save santa-1987/106b42a52c5dc0b2514b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
user www-data; | |
worker_processes 4; | |
pid /run/nginx.pid; | |
events { | |
worker_connections 768; | |
# multi_accept on; | |
} | |
http { | |
## | |
# Basic Settings | |
## | |
sendfile on; | |
tcp_nopush on; | |
tcp_nodelay on; | |
keepalive_timeout 65; | |
types_hash_max_size 2048; | |
# server_tokens off;ac | |
# server_names_hash_bucket_size 64; | |
# server_name_in_redirect off; | |
include /etc/nginx/mime.types; | |
default_type application/octet-stream; | |
## | |
# Logging Settings | |
## | |
access_log /var/log/nginx/access.log; | |
error_log /var/log/nginx/error.log; | |
## | |
# Gzip Settings | |
## | |
gzip on; | |
gzip_disable "msie6"; | |
# gzip_vary on; | |
# gzip_proxied any; | |
# gzip_comp_level 6; | |
# gzip_buffers 16 8k; | |
# gzip_http_version 1.1; | |
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; | |
## | |
# Virtual Host Configs | |
## | |
include /etc/nginx/conf.d/*.conf; | |
include /etc/nginx/sites-enabled/*; | |
### START ADDING CONFIGURATION HTTPS PORTAL 2014 #### | |
############################ | |
#### PORTAL | |
############################# | |
upstream proxy_pass_server { | |
server 127.0.0.1:3000 fail_timeout=0; | |
} | |
server { | |
listen 443; | |
client_max_body_size 4G; | |
server_name 127.0.0.1; | |
ssl on; | |
ssl_certificate /etc/nginx/ssl/nginx.in.crt; | |
ssl_certificate_key /etc/nginx/ssl/nginx.in.key; | |
### SSL log files ### | |
access_log /var/log/nginx/ssl-access.log; | |
error_log /var/log/nginx/ssl-error.log; | |
# ~2 seconds is often enough for most folks to parse HTML/CSS and | |
# retrieve needed images/icons/frames, connections are cheap in | |
# nginx so increasing this is generally safe... | |
keepalive_timeout 5; | |
location / { | |
# Increasing timeouts in order to let reports render | |
proxy_read_timeout 200; | |
proxy_send_timeout 200; | |
# Pass a bunch of headers to the downstream server, so they'll know what's going on. | |
proxy_set_header Host $host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
# Most web apps can be configured to read this header and understand that the current session is actually HTTPS. | |
proxy_set_header X-Forwarded-Proto https; | |
proxy_pass http://proxy_pass_server; | |
break; | |
} | |
#error_page 404 /404.html; | |
# redirect server error pages to the static page /50x.html | |
error_page 500 502 503 504 /50x.html; | |
location = /50x.html { | |
root html; | |
} | |
} | |
### STOP CONFIGURING HTTPS PORTAL 2014 ##### | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment