content
This commit is contained in:
Marc Beninca
parent
5dba54b9d5
commit
2c273a2626
100 changed files with 1534 additions and 0 deletions
77
source/nginx/configure.rst
Normal file
77
source/nginx/configure.rst
Normal file
|
|
@ -0,0 +1,77 @@
|
|||
*********
|
||||
Configure
|
||||
*********
|
||||
|
||||
* /etc/nginx/nginx.conf
|
||||
|
||||
.. code::
|
||||
|
||||
pid /run/nginx.pid;
|
||||
user user;
|
||||
worker_processes auto;
|
||||
|
||||
events {
|
||||
multi_accept off;
|
||||
worker_connections 512;
|
||||
}
|
||||
|
||||
http {
|
||||
# General
|
||||
|
||||
keepalive_timeout 60;
|
||||
sendfile on;
|
||||
server_tokens off;
|
||||
tcp_nopush on;
|
||||
tcp_nodelay on;
|
||||
types_hash_max_size 2048;
|
||||
|
||||
# Names
|
||||
|
||||
server_name_in_redirect off;
|
||||
server_names_hash_bucket_size 128;
|
||||
|
||||
# File types
|
||||
|
||||
include /etc/nginx/mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
# Security
|
||||
|
||||
ssl_buffer_size 8k;
|
||||
ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-SHA,ECDHE-ECDSA-AES256-SHA,DHE-DSS-AES256-GCM-SHA384,DHE-RSA-AES256-GCM-SHA384,DHE-RSA-AES256-SHA256,DHE-DSS-AES256-SHA256,DHE-RSA-AES256-SHA,DHE-DSS-AES256-SHA";
|
||||
ssl_dhparam /etc/nginx/dhparam;
|
||||
ssl_ecdh_curve secp384r1;
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_protocols TLSv1.2;
|
||||
ssl_session_cache shared:ssl_session_cache:16m;
|
||||
ssl_session_timeout 15m;
|
||||
|
||||
# Log
|
||||
|
||||
access_log /var/log/nginx/access.log;
|
||||
error_log /var/log/nginx/error.log;
|
||||
|
||||
# Compression
|
||||
|
||||
gzip on;
|
||||
gzip_buffers 32 8k;
|
||||
gzip_comp_level 5;
|
||||
gzip_http_version 1.1;
|
||||
gzip_proxied any;
|
||||
gzip_types *;
|
||||
gzip_vary off;
|
||||
|
||||
# Misc
|
||||
|
||||
add_header Strict-Transport-Security max-age=31557600;
|
||||
client_max_body_size 16m;
|
||||
index index.html;
|
||||
proxy_pass_request_body on;
|
||||
proxy_pass_request_headers on;
|
||||
proxy_redirect off;
|
||||
|
||||
# Includes
|
||||
|
||||
include /etc/nginx/sites-enabled/*;
|
||||
}
|
||||
|
||||
8
source/nginx/index.rst
Normal file
8
source/nginx/index.rst
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
#####
|
||||
NginX
|
||||
#####
|
||||
|
||||
.. toctree::
|
||||
|
||||
configure
|
||||
serve
|
||||
37
source/nginx/serve.rst
Normal file
37
source/nginx/serve.rst
Normal file
|
|
@ -0,0 +1,37 @@
|
|||
*****
|
||||
Serve
|
||||
*****
|
||||
|
||||
* /etc/nginx/sites-available/…
|
||||
|
||||
.. code::
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
server_name _;
|
||||
location "/mirrors" {
|
||||
root "/";
|
||||
autoindex on;
|
||||
}
|
||||
location "/" {
|
||||
root "/data/http";
|
||||
autoindex on;
|
||||
}
|
||||
}
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
server_name "sous.domaine.tld";
|
||||
ssl_certificate "/etc/nginx/certificates/nom.crt";
|
||||
ssl_certificate_key "/etc/nginx/certificates/nom.key";
|
||||
location "/static" {
|
||||
root "/data/https";
|
||||
default_type "text/html";
|
||||
index "index.html";
|
||||
}
|
||||
location "/" {
|
||||
proxy_pass "http://127.0.0.1:8069";
|
||||
proxy_redirect off;
|
||||
proxy_set_header Host $host;
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
Add table
Add a link
Reference in a new issue