Created
December 17, 2016 06:42
-
-
Save linuxsimba/5a295ff2a333bded04d366b95fcc99c6 to your computer and use it in GitHub Desktop.
ssl nginx acting as jekyll proxy
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| user nginx; | |
| worker_processes 1; | |
| error_log /var/log/nginx/error.log warn; | |
| pid /var/run/nginx.pid; | |
| events { | |
| worker_connections 1024; | |
| } | |
| http { | |
| include /etc/nginx/mime.types; | |
| default_type application/octet-stream; | |
| access_log /var/log/nginx/access.log main; | |
| sendfile on; | |
| #tcp_nopush on; | |
| keepalive_timeout 65; | |
| #gzip on; | |
| # Redirect all unsecured port 80 traffic to the secure port 443. | |
| server { | |
| listen 0.0.0.0:80; | |
| return 301 https://$host$request_uri; | |
| } | |
| server { | |
| listen 0.0.0.0:443 ssl; | |
| ssl_certificate /etc/ssl/certs/linuxsimba.crt; | |
| ssl_certificate_key /etc/ssl/private/linuxsimba.key; | |
| # default settings for Nginx 1.10.2. Just mentioning it for | |
| # educational purposes. Older versions of Nginx have different cipher | |
| # protocol settings. | |
| ssl_ciphers HIGH:!aNULL:!MD5; | |
| ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
| location / { | |
| proxy_read_timeout 120; | |
| # Using docker to house jekyll container and nginx container | |
| # linuxsimba-blog is the docker network name for the jekyll container | |
| # on a bare-metal host proxy_pass will probably be http://localhost:4000 | |
| proxy_pass http://linuxsimba-blog:4000; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment