argideli/weather_api
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
weather_api/config/nginx.ssl.conf
Argiris Deligiannidis ec9ae3afb3
All checks were successful
continuous-integration/drone/push Build is passing
Details
add nginx configs
2024-04-14 23:21:43 +03:00

65 lines
2.8 KiB
Plaintext
Raw Blame History

server {
listen 443 ssl;
server_name api-weather.argideli.com www.api-weather.argideli.com;
ssl_certificate /etc/letsencrypt/live/argideli.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/argideli.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS";
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 64;
client_max_body_size 64M;
http2_chunk_size 8k;
#keepalive_timeout 300;
ssl_session_tickets on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_session_timeout 24h;
ssl_buffer_size 2400;
ssl_stapling on;
ssl_stapling_verify on;
add_header X-Cache-Status $upstream_cache_status;
add_header Alternate-Protocol 443:npn-spdy/3;
access_log /var/log/nginx/api-weather.argideli.com_access.log;
error_log /var/log/nginx/api-weather.argideli.com_error.log;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
# common gzip
gzip_types text/css text/scss text/plain text/xml application/xml application/json application/javascript;
gzip on;
location / {
proxy_hide_header 'access-control-allow-origin';
if ($http_origin ~* "^https?://(argideli.com|weather.argideli.com|localhost|localhost:3030|10.1.1.1|10.1.1.1:3030)$") {
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With' always;
}
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' "$http_origin" always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With' always;
return 204;
}
proxy_pass http://localhost:8880;
#proxy_http_version 1.1;
#proxy_set_header X-Forwarded-Proto $scheme;
#proxy_set_header Host $host;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Reference in New Issue View Git Blame Copy Permalink