Created
August 24, 2021 23:25
-
-
Save weex/c2ae7a4d6aaca80ffc4866ab9a6e4b4e to your computer and use it in GitHub Desktop.
Diaspora* nginx reverse proxy config
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Used this just today to setup diaspora as a reverse proxy. | |
# In diaspora.toml set listen = "0.0.0.0:3000", require_ssl = true and this should work. | |
# Probably want to remove the managed by certbot lines and sections to let certbot add them back. | |
server { | |
root /home/user/diaspora/data/; | |
server_name example.org; | |
client_max_body_size 5M; | |
client_body_buffer_size 256K; | |
try_files $uri @diaspora; | |
location /assets/ { | |
expires max; | |
add_header Cache-Control public; | |
} | |
location @diaspora { | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
proxy_set_header Host $http_host; | |
proxy_redirect off; | |
proxy_pass http://localhost:3000; | |
} | |
listen [::]:443 ssl ipv6only=on; # managed by Certbot | |
listen 443 ssl; # managed by Certbot | |
ssl_certificate /etc/letsencrypt/live/example.org/fullchain.pem; # managed by Certbot | |
ssl_certificate_key /etc/letsencrypt/live/example.org/privkey.pem; # managed by Certbot | |
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot | |
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot | |
} | |
server { | |
if ($host = example.org) { | |
return 301 https://$host$request_uri; | |
} # managed by Certbot | |
listen 80; | |
listen [::]:80; | |
server_name example.org; | |
return 404; # managed by Certbot | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment