Skip to content

Instantly share code, notes, and snippets.

@BrianGilbert

BrianGilbert/nginx_wild_ssl.conf

Last active December 30, 2015 02:09
Show Gist options
  • Save BrianGilbert/7760457 to your computer and use it in GitHub Desktop.
Save BrianGilbert/7760457 to your computer and use it in GitHub Desktop.
Download ZIP
SSL config file for OSX Aegir installer, goes in /var/aegir/config/server_master/nginx/pre.d
Raw
nginx_wild_ssl.conf
### /var/aegir/config/server_master/nginx/pre.d/nginx_wild_ssl.conf
upstream nginx_http {
server localhost:80;
}
server {
listen *:443 ssl spdy;
server_name _;
ssl on;
ssl_certificate /usr/local/etc/ssl/private/nginx-wild-ssl.crt;
ssl_certificate_key /usr/local/etc/ssl/private/nginx-wild-ssl.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers RC4:HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
keepalive_timeout 70;
access_log off;
log_not_found off;
###
### Deny known crawlers.
###
if ($is_crawler) {
return 403;
}
location / {
proxy_pass http://nginx_http;
proxy_redirect off;
gzip_vary off;
proxy_buffering off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-By $server_addr:$server_port;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Local-Proxy $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass_header Set-Cookie;
proxy_pass_header Cookie;
proxy_pass_header X-Accel-Expires;
proxy_pass_header X-Accel-Redirect;
proxy_pass_header X-This-Proto;
proxy_connect_timeout 180;
proxy_send_timeout 180;
proxy_read_timeout 180;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment