Startsida Utforska Hjälp
Logga in
studen
/
rproxyDocker
1
0
Fork 0
Filer Ärenden 0 Pull-förfrågningar 0 Wiki
Träd: a880a1c527
Grenar Taggar
rproxyDocker
/
config
/
conf.d
/
labkey.conf.off

labkey.conf.off 1.7 KB
Historik

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465 
  1. upstream xlabkey{
    2. 

  2.   server labkey-web:8080;
    3. 

  3. }
    4. 

  4. 

  5. #HTTP -> redirect
    6. 

  6. #server {
    7. 

  7. #    listen       80;
    8. 

  8. #    listen  [::]:80;
    9. 

  9. #    server_name merlin.fmf.uni-lj.si;
    10. 

  10. #    return 301 https://$host$request_uri;
    11. 

  11. #}
    12. 

  12. 

  13. 

  14. 

  15. 

  16. #HTTPS
    17. 

  17. server {
    18. 

  18.     listen 443 ssl;
    19. 

  19.     listen [::]:443 ssl; 
    20. 

  20.     server_name localhost;
    21. 

  21. 

  22.     charset utf-8;
    23. 

  23.     keepalive_timeout 5;
    24. 

  24.     
    25. 

  25.     #SSL
    26. 

  26.     ssl_certificate /var/www/localhostBundle.crt;
    27. 

  27.     ssl_certificate_key /var/www/localhost.key;
    28. 

  28.     ssl_session_timeout 1d;
    29. 

  29.     ssl_session_cache shared:SSL:50m;
    30. 

  30.     ssl_session_tickets off;
    31. 

  31. 

  32.     ssl_verify_client on;
    33. 

  33.     ssl_client_certificate /var/www/NIXLJU-CA_chain.crt;
    34. 

  34. 

  35.     #Hardening
    36. 

  36.     # Accepted protocols and ciphers
    37. 

  37.     #ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    38. 

  38.     ssl_protocols TLSv1.2;
    39. 

  39.     ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
    40. 

  40.     ssl_prefer_server_ciphers on;
    41. 

  41. 

  42.     add_header Strict-Transport-Security "max-age=15768000"; # 6 months
    43. 

  43.   
    44. 

  44.     error_page   500 502 503 504  /50x.html;
    45. 

  45.     location = /50x.html {
    46. 

  46.         root   /usr/share/nginx/html;
    47. 

  47.     }
    48. 

  48.     
    49. 

  49. #    location /{
    50. 

  50. #	root /var/www/landing;	
    51. 

  51. #    }
    52. 

  52.     location /{
    53. 

  53. 	proxy_pass http://labkey-web:8080/;
    54. 

  54. #	proxy_redirect http://labkey-web:8080/ https://merlin.fmf.uni-lj.si/;
    55. 

  55. #	proxy_redirect https://xlabkey/ https://merlin.fmf.uni-lj.si/;
    56. 

  56. #	proxy_set_header Host $proxy_host;
    57. 

  57. #	proxy_set_header X-Real-IP $remote_addr;
    58. 

  58. #	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    59. 

  59. #	proxy_set_header X-Forwarded-Proto $scheme;
    60. 

  60. 	#client_max_body_size 0;
    61. 

  61.     }
    62. 

  62.     #
    63. 

  63. 

  64. }
    65. 

  65.