Skip to content

Instantly share code, notes, and snippets.

@mcnaveen

mcnaveen/freshrss.conf

Created July 10, 2023 05:47
Show Gist options
  • Save mcnaveen/5609cc054526811e624c0496dc2ee50f to your computer and use it in GitHub Desktop.
Save mcnaveen/5609cc054526811e624c0496dc2ee50f to your computer and use it in GitHub Desktop.
Download ZIP
Raw
freshrss.conf
upstream freshrss {
server 127.0.0.1:3500;
keepalive 64;
}
server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name sub.domain.com;
# Redirect HTTP to HTTPS - Remove this if you are Not Configuring SSL for your Site
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}
access_log /var/log/nginx/horoscope-access.log;
error_log /var/log/nginx/horoscope-error.log;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://freshrss;
proxy_http_version 1.1;
proxy_set_header Connection '';
chunked_transfer_encoding off;
proxy_buffering off;
proxy_cache off;
proxy_hide_header X-powered-by;
}
client_max_body_size 70m;
ssl_certificate /etc/letsencrypt/live/sub.domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/sub.domain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
add_header Strict-Transport-Security max-age=63072000;
add_header X-XSS-Protection "1; mode=block";
# add_header X-Frame-Options SAMEORIGIN;
# add_header X-Content-Type-Options nosniff;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment