xmr-remote-nodes/deployment/nginx/vhost.conf

78 lines
2.4 KiB
Nginx Configuration File
Raw Normal View History

# Example nginx virtual host config
#
# The directory structure for this Nginx configuration example is following
# my `nginx-kickstart` project. For more information, please refer to
# https://github.com/ditatompel/nginx-kickstart.
#
# NOTE: the `listen http2` directive is not set because it is deprecated since
# Nginx v1.25.x.
upstream xmr_remote_nodes_app {
keepalive 8;
server 127.0.0.1:18901;
}
server {
if ($host = xmr.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name xmr.example.com;
root /srv/http/default;
access_log off;
location /.well-known/acme-challenge/ { allow all; }
location / { return 301 https://$host$request_uri; }
}
server {
server_name xmr.example.com;
listen 443 ssl;
ssl_certificate /etc/nginx/certs/fullchain.pem;
ssl_certificate_key /etc/nginx/certs/privkey.pem;
# See https://github.com/ditatompel/nginx-kickstart/blob/main/etc/nginx/snippets/ssl-params.conf
include /etc/nginx/snippets/ssl-params.conf;
error_log /var/log/nginx/xmr.example.com.error.log;
root /srv/http/default;
index index.html;
add_header X-Permitted-Cross-Domain-Policies none;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Download-Options noopen;
location = /robots.txt {
log_not_found off;
access_log off;
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_pass http://xmr_remote_nodes_app/robots.txt;
}
location ~* \.(?:ico|css|js|gif|jpe?g|png|webp|ttf|woff|woff2|svg|eot)$ {
access_log off;
expires max;
add_header Pragma public;
add_header Cache-Control "public";
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_pass http://xmr_remote_nodes_app;
}
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# For keepalive, the proxy_http_version directive should be set to “1.1”
# and the “Connection” header field should be cleared.
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_pass http://xmr_remote_nodes_app/;
}
}
# vim: ft=nginx ts=4 sw=4 et