64 lines
1.9 KiB
Plaintext
64 lines
1.9 KiB
Plaintext
#
|
|
# Sample configuration for NGINX. Redirects http to https, and proxies
|
|
# https to localhost:4918.
|
|
#
|
|
# Replace SERVERNAME with the name of your server.
|
|
#
|
|
# On Debian, this config file can be put in /etc/nginx/sites-available/.
|
|
#
|
|
|
|
# Upstream server definition.
|
|
upstream webdav-rs {
|
|
server 127.0.0.1:4918;
|
|
keepalive 100;
|
|
keepalive_requests 100000;
|
|
keepalive_timeout 120s;
|
|
}
|
|
|
|
# Listener on port 80 that redirects to https.
|
|
server {
|
|
listen *:80;
|
|
listen [::]:80 ;
|
|
return 301 https://$host$request_uri;
|
|
autoindex off;
|
|
server_name SERVERNAME.example.com;
|
|
access_log /var/log/nginx/SERVERNAME.access.log;
|
|
error_log /var/log/nginx/SERVERNAME.error.log;
|
|
}
|
|
|
|
# The actual proxy on port 443.
|
|
server {
|
|
listen *:443 ssl http2;
|
|
listen [::]:443 ssl http2 ;
|
|
|
|
server_name SERVERNAME.example.com;
|
|
|
|
ssl_certificate /etc/letsencrypt/SERVERNAME/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/SERVERNAME/privkey.pem;
|
|
ssl_session_cache shared:SSL:10m;
|
|
ssl_session_timeout 5m;
|
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
|
ssl_ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;
|
|
ssl_prefer_server_ciphers on;
|
|
|
|
access_log /var/log/nginx/SERVERNAME.access.log;
|
|
error_log /var/log/nginx/SERVERNAME-dev.error.log;
|
|
|
|
location / {
|
|
proxy_buffering off;
|
|
client_max_body_size 0;
|
|
proxy_pass http://webdav-rs;
|
|
proxy_read_timeout 120s;
|
|
proxy_connect_timeout 90s;
|
|
proxy_send_timeout 90s;
|
|
proxy_redirect off;
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Forwarded-Ssl on;
|
|
proxy_set_header Connection "";
|
|
proxy_pass_header Date;
|
|
proxy_pass_header Server;
|
|
}
|
|
}
|