|
- server {
- listen [::]:443 default_server ssl;
- listen 443 default_server ssl;
-
- server_name phntsm.ddns.net;
-
- ssl_certificate "/etc/ssl/nginx/phntsm.ddns.net.crt";
- ssl_certificate_key "/etc/ssl/nginx/phntsm.ddns.net.key";
- ssl_dhparam "/etc/ssl/nginx/phntsm.ddns.net.dhparam";
-
- ssl_session_timeout 5m;
- ssl_protocols TLSv1.2;
- ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
- ssl_session_cache shared:SSL:50m;
- ssl_prefer_server_ciphers on;
-
- root /var/www/html;
- index index.html;
-
- location / {
- # First attempt to serve request as file, then
- # as directory, then fall back to displaying a 404.
- # try_files $uri $uri/ =404;
-
- set_real_ip_from unix:;
- real_ip_header X-Forwarded-For;
- real_ip_recursive on;
-
- client_max_body_size 8m;
- #auth_basic "Restricted Content";
- #auth_basic_user_file /etc/nginx/.htpasswd;
-
- proxy_read_timeout 300;
- proxy_connect_timeout 300;
- proxy_send_timeout 300;
- fastcgi_read_timeout 300;
-
- proxy_pass http://127.0.0.1:5005;
- include /etc/nginx/fastcgi_params;
- include /etc/nginx/proxy_params;
- }
-
- # /~user web directories
- location ~ ^/~(.+?)(/.*)?$ {
- alias /home/$1/www$2;
- index index.html index.htm;
- autoindex on;
- }
-
- # location /_/static/assets/ {
- # alias /home/git/public/;
- # }
-
- location /git/ {
- auth_basic "Restricted Content";
- auth_basic_user_file /etc/nginx/.htpasswd;
-
- proxy_read_timeout 300;
- proxy_connect_timeout 300;
- proxy_send_timeout 300;
- fastcgi_read_timeout 300;
-
- client_max_body_size 512M;
- # make nginx use unescaped URI, keep "%2F" as is
- rewrite ^ $request_uri;
- rewrite ^/git(/.*) $1 break;
- proxy_pass http://127.0.0.1:3000$uri;
- include /etc/nginx/fastcgi_params;
- include /etc/nginx/proxy_params;
- }
-
- location ~ /collectd/ {
- gzip off;
- root /home/user/code/alpine-collectd-web;
-
- auth_basic "Restricted Content";
- auth_basic_user_file /etc/nginx/.htpasswd;
-
- proxy_read_timeout 300;
- proxy_connect_timeout 300;
- proxy_send_timeout 300;
- fastcgi_read_timeout 300;
-
- #proxy_http_version 1.1;
- rewrite ^/collectd/(.*) /$1 break;
- proxy_pass http://127.0.0.1:8888;
- }
-
- location ~ /psy/ {
- auth_basic "Restricted Content";
- auth_basic_user_file /etc/nginx/.htpasswd;
-
- proxy_read_timeout 300;
- proxy_connect_timeout 300;
- proxy_send_timeout 300;
- fastcgi_read_timeout 300;
-
- #proxy_http_version 1.1;
- # rewrite ^/psy/(.*) /$1 break;
- include /etc/nginx/proxy_params;
- proxy_pass http://127.0.0.1:9292;
- }
-
- # location ~ \.php$ {
- # include /etc/nginx/fastcgi_params;
- # include /etc/nginx/proxy_params;
- # fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- # # fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
- # fastcgi_pass unix:/var/run/php/php-fpm.sock;
- # }
-
- # location ~ /phpmyadmin/ {
- # auth_basic "Restricted Content";
- # auth_basic_user_file /etc/nginx/.htpasswd;
- # index index.php;
- # }
-
- location ~ /\.ht {
- deny all;
- }
-
- }
|