mirror of
https://github.com/ditatompel/xmr-remote-nodes.git
synced 2024-11-16 17:07:36 +00:00
5fae3d565a
The `tools` directory contains example ansible playbook, systemd example, and Nginx configuration example for the server. The directory name `deployment` for that stuffs much more suitable.
77 lines
2.4 KiB
Nginx Configuration File
77 lines
2.4 KiB
Nginx Configuration File
# Example nginx virtual host config
|
|
#
|
|
# The directory structure for this Nginx configuration example is following
|
|
# my `nginx-kickstart` project. For more information, please refer to
|
|
# https://github.com/ditatompel/nginx-kickstart.
|
|
#
|
|
# NOTE: the `listen http2` directive is not set because it is deprecated since
|
|
# Nginx v1.25.x.
|
|
upstream xmr_remote_nodes_app {
|
|
keepalive 8;
|
|
server 127.0.0.1:18901;
|
|
}
|
|
|
|
server {
|
|
if ($host = xmr.example.com) {
|
|
return 301 https://$host$request_uri;
|
|
} # managed by Certbot
|
|
|
|
listen 80;
|
|
server_name xmr.example.com;
|
|
root /srv/http/default;
|
|
access_log off;
|
|
location /.well-known/acme-challenge/ { allow all; }
|
|
location / { return 301 https://$host$request_uri; }
|
|
}
|
|
|
|
server {
|
|
server_name xmr.example.com;
|
|
listen 443 ssl;
|
|
|
|
ssl_certificate /etc/nginx/certs/fullchain.pem;
|
|
ssl_certificate_key /etc/nginx/certs/privkey.pem;
|
|
|
|
# See https://github.com/ditatompel/nginx-kickstart/blob/main/etc/nginx/snippets/ssl-params.conf
|
|
include /etc/nginx/snippets/ssl-params.conf;
|
|
|
|
error_log /var/log/nginx/xmr.example.com.error.log;
|
|
|
|
root /srv/http/default;
|
|
index index.html;
|
|
|
|
add_header X-Permitted-Cross-Domain-Policies none;
|
|
add_header X-Content-Type-Options nosniff;
|
|
add_header X-XSS-Protection "1; mode=block";
|
|
add_header X-Download-Options noopen;
|
|
|
|
location = /robots.txt {
|
|
log_not_found off;
|
|
access_log off;
|
|
proxy_set_header Connection "";
|
|
proxy_http_version 1.1;
|
|
proxy_pass http://xmr_remote_nodes_app/robots.txt;
|
|
}
|
|
|
|
location ~* \.(?:ico|css|js|gif|jpe?g|png|webp|ttf|woff|woff2|svg|eot)$ {
|
|
access_log off;
|
|
expires max;
|
|
add_header Pragma public;
|
|
add_header Cache-Control "public";
|
|
proxy_set_header Connection "";
|
|
proxy_http_version 1.1;
|
|
proxy_pass http://xmr_remote_nodes_app;
|
|
}
|
|
|
|
location / {
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
# For keepalive, the proxy_http_version directive should be set to “1.1”
|
|
# and the “Connection” header field should be cleared.
|
|
proxy_set_header Connection "";
|
|
proxy_http_version 1.1;
|
|
proxy_pass http://xmr_remote_nodes_app/;
|
|
}
|
|
}
|
|
|
|
# vim: ft=nginx ts=4 sw=4 et
|