limin.zhang/waylens-deploy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
waylens-deploy/nginx/kowl.conf

59 lines
1.8 KiB
Plaintext
Raw Blame History

upstream kowl {
server 172.20.24.171:8080;
}
server {
listen 80;
server_name kowl.prd.eveus.com;
# SSL is enabled forcefully
location / {
rewrite ^(.*)$ https://$host$1 permanent;
}
}
server {
listen 443 ssl;
server_name kowl.prd.eveus.com;
ssl_certificate /etc/nginx/keys/wild.eveus.com/fullchain.pem;
ssl_certificate_key /etc/nginx/keys/wild.eveus.com/privkey.pem;
# enable OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:PSK-RC4-SHA:!aNULL:!MD5:!DSS:!EDH;
location ~ /api/topics/(.*)/messages$ {
proxy_pass http://kowl;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location / {
# disable any limits to avoid HTTP 413 for large image uploads
client_max_body_size 0;
# required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
chunked_transfer_encoding on;
proxy_pass http://kowl;
proxy_set_header SSL_CLIENT_CERT $a$b$c$d$e$f$g$h$i$j$k$l$m$n$o$p$q$r$s$t$u$v$w$x$y$z;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
#proxy_set_header Authorization "";
#auth_basic "Access Eveus";
#auth_basic_user_file /etc/nginx/keys/htpasswd;
}
}
Reference in New Issue View Git Blame Copy Permalink