You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
89 lines
2.5 KiB
89 lines
2.5 KiB
server {
|
|
# server_name 176.121.11.165 expomap.ru www.expomap.ru dev.expomap.ru;
|
|
listen 80;
|
|
return 301 https://$host$request_uri;
|
|
}
|
|
|
|
geo $maintenance {
|
|
default yes;
|
|
127.0.0.1/32 no;
|
|
31.43.24.170/24 no;
|
|
}
|
|
|
|
server {
|
|
listen 443;
|
|
server_name 176.121.11.165 www.expomap.ru expomap.ru dev.expomap.ru;
|
|
#ssl_stapling on;
|
|
ssl on;
|
|
ssl_certificate /etc/nginx/ssl/expomap.ru.crt;
|
|
ssl_certificate_key /etc/nginx/ssl/expomap.ru.key;
|
|
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
|
|
ssl_session_timeout 24h;
|
|
ssl_session_cache shared:SSL:25m;
|
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
|
ssl_ciphers kEECDH+AES128:kEECDH:kEDH:-3DES:kRSA+AES128:kEDH+3DES:DES-CBC3-SHA:!RC4:!aNULL:!eNULL:!MD5:!EXPORT:!LOW:!SEED:!CAMELLIA:!IDEA:!PSK:!SRP:!SSLv2;
|
|
ssl_prefer_server_ciphers on;
|
|
add_header Strict-Transport-Security "max-age=31536000;";
|
|
add_header Content-Security-Policy-Report-Only "default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:";
|
|
|
|
client_header_timeout 360s;
|
|
|
|
error_page 503 /dev_work.html;
|
|
|
|
location / {
|
|
if ($maintenance = yes) {
|
|
return 503;
|
|
}
|
|
auth_basic "Unauthorized";
|
|
auth_basic_user_file /home/www/proj/.htpasswd;
|
|
proxy_pass http://127.0.0.1:8080/;
|
|
proxy_redirect off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $remote_addr;
|
|
|
|
include /etc/nginx/geoip_proxy.conf;
|
|
|
|
client_max_body_size 100m;
|
|
client_body_buffer_size 128k;
|
|
|
|
proxy_connect_timeout 90;
|
|
proxy_send_timeout 90;
|
|
proxy_read_timeout 90;
|
|
proxy_buffer_size 16k;
|
|
proxy_buffers 256 8k;
|
|
proxy_busy_buffers_size 2000k;
|
|
proxy_temp_file_write_size 2048k;
|
|
}
|
|
|
|
|
|
location /965E1EE7949FD639CA0124C8D8C57774.txt {
|
|
root /home/www/proj/;
|
|
}
|
|
|
|
location /4885b11a73674eb6d54593c1d7efd758821e5ee79b8132feecaba10560f0123a.html {
|
|
root /home/www/proj/support;
|
|
}
|
|
|
|
|
|
location /static {
|
|
root /home/www/proj;
|
|
}
|
|
location /media {
|
|
root /home/www/proj;
|
|
}
|
|
|
|
location /templates {
|
|
root /home/www/proj/static;
|
|
}
|
|
location /subdmn {
|
|
root /home/old_files;
|
|
}
|
|
|
|
location = /dev_work.html {
|
|
root /home/www/proj/support/;
|
|
internal;
|
|
}
|
|
|
|
}
|
|
|
|
|