random-robbie · September 29, 2015 07:11
diff --git a/brokenSSL b/brokenSSL
 events {
    worker_connections  1024;
 	
 }
 user  www-data;
 worker_processes 4;

 http {
 # Basic Settings
 	sendfile on;
 	keepalive_timeout 2;
 	
 	include /etc/nginx/mime.types;
 	default_type application/octet-stream;

 	# Logging Settings
 	access_log /var/log/nginx/access.log;
 	error_log /var/log/nginx/error.log;

 	# Gzip Settings
 	gzip on;
 	gzip_disable "msie6";
 	
 	
 server {
 	listen       80;
 	

 	
 	location / {
    # If a request to / comes in, 301 redirect to the main plex page,
    # but only if it doesn't contain the X-Plex-Device-Name header or query argument.
    # This fixes a bug where you get permission issues when accessing the web dashboard.
    

    proxy_pass http://$host$uri;
     proxy_set_header Accept-Encoding "";
     proxy_redirect off;
     proxy_buffering off;
     resolver 8.8.8.8;
     proxy_set_header X-Forwarded-For 209.239.112.104;
     proxy_set_header X-Real-IP 209.239.112.104;
     proxy_set_header        X-Forwarded-Proto $scheme;
 	 add_header              Front-End-Https   on;
 
    
  }
  }
  
  server {
 	listen       443;
 	### ssl ###
 ssl                     on;
 #ssl_stapling           off; # selfsigned=off
 #ssl_stapling_verify    off; # selfsigned=off
 ssl_prefer_server_ciphers on;
 ssl_protocols           TLSv1 TLSv1.1 TLSv1.2;
 ssl_ciphers             HIGH:!RC4:!3DES:!aDSS:!aNULL:!kPSK:!kSRP:!MD5:@STRENGTH:+SHA1:+kRSA;
 ssl_session_cache       shared:TLSSL:16m;
 ssl_session_timeout     10m;
 ssl_certificate         /etc/nginx/ssl/example.com.crt;
 ssl_certificate_key     /etc/nginx/ssl/example.com.key;

 	
 	location / {
    # If a request to / comes in, 301 redirect to the main plex page,
    # but only if it doesn't contain the X-Plex-Device-Name header or query argument.
    # This fixes a bug where you get permission issues when accessing the web dashboard.
    

    proxy_pass https://$host$uri;
     proxy_set_header Accept-Encoding "";
     proxy_redirect off;
     proxy_buffering off;
     resolver 8.8.8.8;
     proxy_set_header X-Forwarded-For 209.239.112.104;
     proxy_set_header X-Real-IP 209.239.112.104;
    
  }
  }
  
  
  
  
  
  
  
 }
	events {
	worker_connections 1024;

	}
	user www-data;
	worker_processes 4;

	http {
	# Basic Settings
	sendfile on;
	keepalive_timeout 2;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	# Logging Settings
	access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log;

	# Gzip Settings
	gzip on;
	gzip_disable "msie6";


	server {
	listen 80;



	location / {
	# If a request to / comes in, 301 redirect to the main plex page,
	# but only if it doesn't contain the X-Plex-Device-Name header or query argument.
	# This fixes a bug where you get permission issues when accessing the web dashboard.


	proxy_pass http://$host$uri;
	proxy_set_header Accept-Encoding "";
	proxy_redirect off;
	proxy_buffering off;
	resolver 8.8.8.8;
	proxy_set_header X-Forwarded-For 209.239.112.104;
	proxy_set_header X-Real-IP 209.239.112.104;
	proxy_set_header X-Forwarded-Proto $scheme;
	add_header Front-End-Https on;


	}
	}

	server {
	listen 443;
	### ssl ###
	ssl on;
	#ssl_stapling off; # selfsigned=off
	#ssl_stapling_verify off; # selfsigned=off
	ssl_prefer_server_ciphers on;
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers HIGH:!RC4:!3DES:!aDSS:!aNULL:!kPSK:!kSRP:!MD5:@STRENGTH:+SHA1:+kRSA;
	ssl_session_cache shared:TLSSL:16m;
	ssl_session_timeout 10m;
	ssl_certificate /etc/nginx/ssl/example.com.crt;
	ssl_certificate_key /etc/nginx/ssl/example.com.key;


	location / {
	# If a request to / comes in, 301 redirect to the main plex page,
	# but only if it doesn't contain the X-Plex-Device-Name header or query argument.
	# This fixes a bug where you get permission issues when accessing the web dashboard.


	proxy_pass https://$host$uri;
	proxy_set_header Accept-Encoding "";
	proxy_redirect off;
	proxy_buffering off;
	resolver 8.8.8.8;
	proxy_set_header X-Forwarded-For 209.239.112.104;
	proxy_set_header X-Real-IP 209.239.112.104;

	}
	}







	}