859
edits
Changes
From SME Server
Jump to navigationJump to searchno edit summary
config setprop nginx TCPPorts 80,443
config setprop nginx TCPPorts 80,443
signal-event remoteaccess-update
signal-event remoteaccess-update
==Start==
===Start===
/etc/rc.d/init.d/nginx start
/etc/rc.d/init.d/nginx start
===Sample configurations===
These are JUST samples. You will need to work out your own.
default.conf
server {
# Listen on 80
listen your.external.ip.address:80;
# Disable IPv6
# listen [::]:80;
server_name domain.com host.domain.com;
# Passthru letsencrypt
location '/.well-known/acme-challenge' {
default_type "text/plain";
#root /tmp/letsencrypt-auto;
root /home/e-smith/files/ibays/Primary/html;
}
# Upgrade everything else to https
location / {
return 301 https://$server_name$request_uri;
}
}
This is my rocket chat reverse proxy with websockets as an example:
# Upstreams
upstream backend {
server 127.0.0.1:3000;
}
# HTTPS Server
server {
listen your.external.ip.address:443;
server_name domain.com host.domain.com;
# You can increase the limit if your need to.
client_max_body_size 200M;
error_log /var/log/nginx/rocketchat.access.log;
ssl on;
#ssl_certificate /etc/nginx/certificate.crt;
#ssl_certificate_key /etc/nginx/certificate.key;
ssl_certificate /etc/dehydrated/certs/reetspetit.info/fullchain.pem;
ssl_certificate_key /etc/dehydrated/certs/reetspetit.info/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # don’t use SSLv3 ref: POODLE
location / {
proxy_pass http://backend/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forward-Proto http;
proxy_set_header X-Nginx-Proxy true;
proxy_redirect off;
}
}
