50 lines
1.2 KiB
Plaintext
50 lines
1.2 KiB
Plaintext
|
|
server {
|
|
listen 80;
|
|
server_name video.vizier.dev;
|
|
|
|
# For Lets Encrypt, this needs to be served via HTTP
|
|
location ^~ /.well-known/acme-challenge {
|
|
allow all;
|
|
alias /var/www/acme;
|
|
}
|
|
|
|
location / {
|
|
return 301 https://video.vizier.dev$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name video.vizier.dev;
|
|
|
|
server_tokens off;
|
|
|
|
ssl on;
|
|
ssl_certificate /etc/ssl/acme/video.vizier.dev/fullchain.pem;
|
|
ssl_certificate_key /etc/ssl/acme/private/video.vizier.dev/privkey.pem;
|
|
|
|
#auth_basic "Vizier Video Rooms";
|
|
#auth_basic_user_file /etc/nginx/.htpasswd;
|
|
|
|
location / {
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Frame-Options SAMEORIGIN;
|
|
|
|
proxy_pass http://127.0.0.1:3000;
|
|
proxy_read_timeout 600s;
|
|
proxy_send_timeout 600s;
|
|
proxy_connect_timeout 20s;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
}
|
|
|
|
|
|
|