| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758 |
- server {
- listen 80;
- server_name SERVER_NAME;
-
- return 301 https://$host$request_uri;
- }
- server {
- listen 443 ssl;
- server_name SERVER_NAME;
- ssl_certificate /etc/letsencrypt/live/SERVER_NAME/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/SERVER_NAME/privkey.pem;
- ssl_session_timeout 5m;
- ssl_protocols TLSv1.2 TLSv1.3;
- ssl_ciphers HIGH:!aNULL:!MD5;
- ssl_prefer_server_ciphers on;
- client_max_body_size 1024m;
- location /group/signal {
- proxy_pass http://serve:8080;
- proxy_http_version 1.1;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection "upgrade";
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Proto $scheme;
- }
- location /files/ {
- root /var/lib/webpage/;
- }
- location / {
- proxy_set_header Host $host;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;
- if ($request_method = 'OPTIONS') {
- add_header 'Access-Control-Allow-Origin' '$http_origin';
- add_header 'Access-Control-Allow-Methods' '*';
- add_header 'Access-Control-Allow-Headers' '*';
- add_header 'Access-Control-Allow-Credentials' 'true';
- add_header 'Content-Type' 'text/plain; charset=utf-8';
- add_header 'Content-Length' 0;
- return 204;
- }
- if ($http_dandelion_service = true) {
- proxy_pass http://serve:8192;
- break;
- }
- proxy_pass http://serve:8080;
- }
- }
|
