June 27, 2014 02:12
diff --git a/gistfile1.txt b/gistfile1.txt
 user www-data;
 worker_processes  2;

 error_log  /var/log/nginx/error.log;
 #pid        /run/nginx.pid;

 events {
    worker_connections  1024;
 }

 http {
    include       mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;
    sendfile        on;
    keepalive_timeout  65;

    gzip  on;
    gzip_http_version 1.0;
    gzip_min_length 1024;
    gzip_proxied any;
    gzip_buffers 16 8k;
    gzip_types text/plain text/css application/x-javascript text/xml
               application/xml application/xml+rss text/javascript;
    gzip_vary on;

    client_max_body_size 4G;

    server_tokens     off;

    ssl_ciphers ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!aNULL:!MD5:!EDH;
    ssl_prefer_server_ciphers on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_session_cache shared:SSL:10m;

    proxy_connect_timeout   59s;
    proxy_send_timeout      600;
    proxy_read_timeout      600;
    proxy_buffer_size       64k;
    proxy_buffers           16 32k;
    proxy_pass_header       Set-Cookie;
    proxy_hide_header       Vary;

    proxy_busy_buffers_size         64k;
    proxy_temp_file_write_size      64k;

    proxy_set_header        Accept-Encoding         '';
    proxy_ignore_headers    Cache-Control           Expires;
    proxy_set_header        Referer                 $http_referer;
    proxy_set_header        Host                    $host;
    proxy_set_header        Cookie                  $http_cookie;
    proxy_set_header        X-Real-IP               $remote_addr;
    proxy_set_header        X-Forwarded-Host        $host;
    proxy_set_header        X-Forwarded-Server      $host;
    proxy_set_header        X-Forwarded-For         $proxy_add_x_forwarded_for;
    #proxy_set_header       X-Forwarded-For         $remote_addr;
    proxy_set_header        X-Forwarded-Port        '443';
    proxy_set_header        X-Forwarded-Ssl         on;
    proxy_set_header        X-Forwarded-Proto       https;
    proxy_set_header        Authorization           '';

    #proxy_buffering        off;
    #proxy_redirect        off;
    #proxy_redirect        default;
    proxy_redirect         http://vikingchristmasrifle.club/ /;
    proxy_redirect         https://vikingchristmasrifle.club/ /;
    #proxy_redirect        http://$host/ /;
    #proxy_redirect        http:// https://;

    #more_clear_headers    'referer';
    #RequestHeader unset   referer
    #proxy_hide_header     referer;
    #proxy_ignore_headers  referer;



    server {
        listen       80;
        rewrite ^ https://$host$request_uri? permanent;

    }

    server {
        listen       443 ssl;

        satisfy any;
        allow 192.168.1.0/24;
        allow 127.0.0.1/32;
        deny all;
        auth_basic "Restricted";
        auth_basic_user_file /etc/nginx/htpasswd;

        ssl_certificate /etc/ssl/server.crt;
        ssl_certificate_key /etc/ssl/server.key;

        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;


        location / {
            root /data/www;
        }


        location /sab/ {
            proxy_pass https://192.168.1.242:9090/;
            proxy_redirect default;
        }

        location /tv/ {
            proxy_pass http://192.168.1.242:8989/;
            proxy_redirect default;
        }

        location /movies/ {
            proxy_pass http://192.168.1.242:5050/;
            proxy_redirect default;
            proxy_set_header X-Real-IP  $remote_addr;
            proxy_set_header Host 192.168.1.242:5050;
        }

        error_page  404              /404.html;
        location = /404.html {
            root   /usr/share/nginx/html;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /usr/share/nginx/html;
        }
    }
    include /etc/nginx/conf.d/*.conf;
 }
	user www-data;
	worker_processes 2;

	error_log /var/log/nginx/error.log;
	#pid /run/nginx.pid;

	events {
	worker_connections 1024;
	}

	http {
	include mime.types;
	default_type application/octet-stream;

	log_format main '$remote_addr - $remote_user [$time_local] "$request" '
	'$status $body_bytes_sent "$http_referer" '
	'"$http_user_agent" "$http_x_forwarded_for"';

	access_log /var/log/nginx/access.log main;
	sendfile on;
	keepalive_timeout 65;

	gzip on;
	gzip_http_version 1.0;
	gzip_min_length 1024;
	gzip_proxied any;
	gzip_buffers 16 8k;
	gzip_types text/plain text/css application/x-javascript text/xml
	application/xml application/xml+rss text/javascript;
	gzip_vary on;

	client_max_body_size 4G;

	server_tokens off;

	ssl_ciphers ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!aNULL:!MD5:!EDH;
	ssl_prefer_server_ciphers on;
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_session_cache shared:SSL:10m;

	proxy_connect_timeout 59s;
	proxy_send_timeout 600;
	proxy_read_timeout 600;
	proxy_buffer_size 64k;
	proxy_buffers 16 32k;
	proxy_pass_header Set-Cookie;
	proxy_hide_header Vary;

	proxy_busy_buffers_size 64k;
	proxy_temp_file_write_size 64k;

	proxy_set_header Accept-Encoding '';
	proxy_ignore_headers Cache-Control Expires;
	proxy_set_header Referer $http_referer;
	proxy_set_header Host $host;
	proxy_set_header Cookie $http_cookie;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-Host $host;
	proxy_set_header X-Forwarded-Server $host;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	#proxy_set_header X-Forwarded-For $remote_addr;
	proxy_set_header X-Forwarded-Port '443';
	proxy_set_header X-Forwarded-Ssl on;
	proxy_set_header X-Forwarded-Proto https;
	proxy_set_header Authorization '';

	#proxy_buffering off;
	#proxy_redirect off;
	#proxy_redirect default;
	proxy_redirect http://vikingchristmasrifle.club/ /;
	proxy_redirect https://vikingchristmasrifle.club/ /;
	#proxy_redirect http://$host/ /;
	#proxy_redirect http:// https://;

	#more_clear_headers 'referer';
	#RequestHeader unset referer
	#proxy_hide_header referer;
	#proxy_ignore_headers referer;



	server {
	listen 80;
	rewrite ^ https://$host$request_uri? permanent;

	}

	server {
	listen 443 ssl;

	satisfy any;
	allow 192.168.1.0/24;
	allow 127.0.0.1/32;
	deny all;
	auth_basic "Restricted";
	auth_basic_user_file /etc/nginx/htpasswd;

	ssl_certificate /etc/ssl/server.crt;
	ssl_certificate_key /etc/ssl/server.key;

	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Host $host;
	proxy_set_header X-Forwarded-Server $host;


	location / {
	root /data/www;
	}


	location /sab/ {
	proxy_pass https://192.168.1.242:9090/;
	proxy_redirect default;
	}

	location /tv/ {
	proxy_pass http://192.168.1.242:8989/;
	proxy_redirect default;
	}

	location /movies/ {
	proxy_pass http://192.168.1.242:5050/;
	proxy_redirect default;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header Host 192.168.1.242:5050;
	}

	error_page 404 /404.html;
	location = /404.html {
	root /usr/share/nginx/html;
	}

	error_page 500 502 503 504 /50x.html;
	location = /50x.html {
	root /usr/share/nginx/html;
	}
	}
	include /etc/nginx/conf.d/*.conf;
	}