Created
April 15, 2021 11:50
-
-
Save hsouna/e2a6c3baf252d9d7279bf65f664e3227 to your computer and use it in GitHub Desktop.
nginx_default
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## | |
# You should look at the following URL's in order to grasp a solid understanding | |
# of Nginx configuration files in order to fully unleash the power of Nginx. | |
# https://www.nginx.com/resources/wiki/start/ | |
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ | |
# https://wiki.debian.org/Nginx/DirectoryStructure | |
# | |
# In most cases, administrators will remove this file from sites-enabled/ and | |
# leave it as reference inside of sites-available where it will continue to be | |
# updated by the nginx packaging team. | |
# | |
# This file will automatically load configuration files provided by other | |
# applications, such as Drupal or Wordpress. These applications will be made | |
# available underneath a path with that package name, such as /drupal8. | |
# | |
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. | |
## | |
upstream dns-backend { | |
server 127.0.0.1:8053; | |
} | |
# Default server configuration | |
# | |
server { | |
listen 80 default_server; | |
listen [::]:80 default_server; | |
root /var/www/html; | |
# Add index.php to the list if you are using PHP | |
index index.html index.htm index.nginx-debian.html; | |
server_name _; | |
location / { | |
# First attempt to serve request as file, then | |
# as directory, then fall back to displaying a 404. | |
try_files $uri $uri/ =404; | |
} | |
} | |
server{ | |
root /var/www/html; | |
# Add index.php to the list if you are using PHP | |
index index.html index.htm index.nginx-debian.html; | |
server_name dns.barac.io; # managed by Certbot | |
location / { | |
# First attempt to serve request as file, then | |
# as directory, then fall back to displaying a 404. | |
try_files $uri $uri/ =404; | |
} | |
location /dns-query { | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header Host $http_host; | |
proxy_set_header X-NginX-Proxy true; | |
proxy_http_version 1.1; | |
proxy_set_header Upgrade $http_upgrade; | |
proxy_redirect off; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
proxy_read_timeout 86400; | |
proxy_pass http://dns-backend/dns-query ; | |
} | |
listen [::]:443 ssl ipv6only=on; # managed by Certbot | |
listen 443 ssl; # managed by Certbot | |
ssl_certificate /etc/letsencrypt/live/dns.barac.io/fullchain.pem; # managed by Certbot | |
ssl_certificate_key /etc/letsencrypt/live/dns.barac.io/privkey.pem; # managed by Certbot | |
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot | |
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot | |
} | |
server { | |
if ($host = dns.barac.io) { | |
return 301 https://$host$request_uri; | |
} # managed by Certbot | |
listen 80 ; | |
listen [::]:80 ; | |
server_name dns.barac.io; | |
return 404; # managed by Certbot | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment