uniibu/default Secret

## default
server {
        listen 80;
        listen [::]:80;
        server_name theia.cryptobro.eu;
        return 301 https://$host$request_uri;
}

server {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;
        server_name theia.cryptobro.eu;
        ssl_certificate /etc/letsencrypt/live/theia.cryptobro.eu/fullchain.pem;
	      ssl_certificate_key /etc/letsencrypt/live/theia.cryptobro.eu/privkey.pem;
        autoindex off;
        charset utf-8;

        auth_basic  "Username and Password Required";
        auth_basic_user_file  /etc/nginx/.htpasswd;

       # this limits access to the whole site with basic authentication
        auth_basic  "Username and Password Required";
        auth_basic_user_file  /etc/nginx/.htpasswd;

       location / {
             include /etc/nginx/proxy_opts;
             proxy_pass http://localhost:8126;
       }
}

## nginx.conf
user www-data;
worker_processes auto;
worker_rlimit_nofile 8192;

events {
  worker_connections 8000;
  use epoll;
  multi_accept on;
}

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

http {
  server_tokens off;
  include       /etc/nginx/mime.types;
  default_type  application/octet-stream;

  charset_types
    text/css
    text/plain
    text/vnd.wap.wml
    application/javascript
    application/json
    application/rss+xml
    application/xml;

  # Include $http_x_forwarded_for within default format used in log files
  log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';

  access_log /var/log/nginx/access.log main;

  keepalive_timeout 20s;
  sendfile        on;
  tcp_nopush      on;
  gzip on;
  gzip_comp_level    5;
  gzip_min_length    256;
  gzip_proxied       any;
  gzip_vary          on;
  gzip_types
    application/atom+xml
    application/javascript
    application/json
    application/ld+json
    application/manifest+json
    application/rss+xml
    application/vnd.geo+json
    application/vnd.ms-fontobject
    application/x-font-ttf
    application/x-web-app-manifest+json
    application/xhtml+xml
    application/xml
    font/opentype
    image/bmp
    image/svg+xml
    image/x-icon
    text/cache-manifest
    text/css
    text/plain
    text/vcard
    text/vnd.rim.location.xloc
    text/vtt
    text/x-component
    text/x-cross-domain-policy;

  include /etc/nginx/conf.d/*.conf;
  include /etc/nginx/sites-enabled/*;
}

## proxy_opts
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 100M;
client_body_buffer_size 1m;
proxy_http_version 1.1;
proxy_redirect off;
proxy_intercept_errors on;
proxy_buffering on;
proxy_buffer_size 128k;
proxy_buffers 256 16k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_max_temp_file_size 0;
proxy_read_timeout 300;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
	server {
	listen 80;
	listen [::]:80;
	server_name theia.cryptobro.eu;
	return 301 https://$host$request_uri;
	}

	server {
	listen 443 ssl http2;
	listen [::]:443 ssl http2;
	server_name theia.cryptobro.eu;
	ssl_certificate /etc/letsencrypt/live/theia.cryptobro.eu/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/theia.cryptobro.eu/privkey.pem;
	autoindex off;
	charset utf-8;

	auth_basic "Username and Password Required";
	auth_basic_user_file /etc/nginx/.htpasswd;

	# this limits access to the whole site with basic authentication
	auth_basic "Username and Password Required";
	auth_basic_user_file /etc/nginx/.htpasswd;

	location / {
	include /etc/nginx/proxy_opts;
	proxy_pass http://localhost:8126;
	}
	}
	user www-data;
	worker_processes auto;
	worker_rlimit_nofile 8192;

	events {
	worker_connections 8000;
	use epoll;
	multi_accept on;
	}

	error_log /var/log/nginx/error.log warn;
	pid /var/run/nginx.pid;

	http {
	server_tokens off;
	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	charset_types
	text/css
	text/plain
	text/vnd.wap.wml
	application/javascript
	application/json
	application/rss+xml
	application/xml;

	# Include $http_x_forwarded_for within default format used in log files
	log_format main '$remote_addr - $remote_user [$time_local] "$request" '
	'$status $body_bytes_sent "$http_referer" '
	'"$http_user_agent" "$http_x_forwarded_for"';

	access_log /var/log/nginx/access.log main;

	keepalive_timeout 20s;
	sendfile on;
	tcp_nopush on;
	gzip on;
	gzip_comp_level 5;
	gzip_min_length 256;
	gzip_proxied any;
	gzip_vary on;
	gzip_types
	application/atom+xml
	application/javascript
	application/json
	application/ld+json
	application/manifest+json
	application/rss+xml
	application/vnd.geo+json
	application/vnd.ms-fontobject
	application/x-font-ttf
	application/x-web-app-manifest+json
	application/xhtml+xml
	application/xml
	font/opentype
	image/bmp
	image/svg+xml
	image/x-icon
	text/cache-manifest
	text/css
	text/plain
	text/vcard
	text/vnd.rim.location.xloc
	text/vtt
	text/x-component
	text/x-cross-domain-policy;

	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*;
	}
	proxy_set_header Host $http_host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;
	client_max_body_size 100M;
	client_body_buffer_size 1m;
	proxy_http_version 1.1;
	proxy_redirect off;
	proxy_intercept_errors on;
	proxy_buffering on;
	proxy_buffer_size 128k;
	proxy_buffers 256 16k;
	proxy_busy_buffers_size 256k;
	proxy_temp_file_write_size 256k;
	proxy_max_temp_file_size 0;
	proxy_read_timeout 300;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection "upgrade";