nginx.conf
· 13 KiB · Nginx configuration file
Raw
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
error_log /var/log/nginx/error.log;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
# multi_accept on;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
client_max_body_size 200M;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# add_header X-Frame-Options sameorigin always;
# add_header X-Frame-Options SAMEORIGIN always;
add_header X-Frame-Options DENY;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
include /etc/nginx/conf.d/*.conf;
server {
listen 80;
server_name addie.ornl.gov;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
add_header X-Frame-Options DENY;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
add_header X-Frame-Options "SAMEORIGIN";
return 301 https://addie.ornl.gov$request_uri;
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 443 ssl;
server_name addie.ornl.gov;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
add_header X-Frame-Options DENY;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
add_header X-Frame-Options "SAMEORIGIN";
return 301 https://addie.ornl.gov$request_uri;
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 443 ssl;
server_name addie.ornl.gov;
root /usr/share/nginx/html;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
# add_header X-Frame-Options SAMEORIGIN always;
# add_header X-Frame-Options sameorigin always;
add_header X-Frame-Options "DENY";
ssl_certificate "/home/cloud/packages/addie/certs/addie.pem";
ssl_certificate_key "/home/cloud/packages/addie/certs/addie.key";
location / {
proxy_pass http://localhost:5000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass_request_headers on;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
add_header Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate" always;
add_header Pragma "no-cache" always;
add_header Expires "0" always;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Frame-Options "DENY" always;
proxy_set_header X-Frame-Options "SAMEORIGIN";
# include uwsgi_params;
# uwsgi_pass unix:/home/cloud/dev/tsitc/pdfitc.sock;
}
error_page 404 /404.html;
location = /404.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
server {
listen 80;
server_name slash.ornl.gov;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
add_header X-Frame-Options DENY;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
add_header X-Frame-Options "SAMEORIGIN";
return 301 https://slash.ornl.gov$request_uri;
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 443 ssl;
server_name slash.ornl.gov;
root /usr/share/nginx/html;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
# add_header X-Frame-Options SAMEORIGIN always;
# add_header X-Frame-Options sameorigin always;
add_header X-Frame-Options "DENY";
ssl_certificate "/home/cloud/packages/slash/slash.pem";
ssl_certificate_key "/home/cloud/packages/slash/slash.key";
location / {
proxy_pass http://localhost:5231;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass_request_headers on;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
add_header Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate" always;
add_header Pragma "no-cache" always;
add_header Expires "0" always;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Frame-Options "DENY" always;
proxy_set_header X-Frame-Options "SAMEORIGIN";
# include uwsgi_params;
# uwsgi_pass unix:/home/cloud/dev/tsitc/pdfitc.sock;
}
error_page 404 /404.html;
location = /404.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
server {
listen 80;
server_name tmapper.ornl.gov;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
add_header X-Frame-Options DENY;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
add_header X-Frame-Options "SAMEORIGIN";
return 301 https://tmapper.ornl.gov$request_uri;
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 443 ssl;
server_name tmapper.ornl.gov;
root /usr/share/nginx/html;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
# add_header X-Frame-Options SAMEORIGIN always;
# add_header X-Frame-Options sameorigin always;
add_header X-Frame-Options "DENY";
ssl_certificate "/home/cloud/packages/teammapper/tmapper.pem";
ssl_certificate_key "/home/cloud/packages/teammapper/tmapper.key";
location / {
proxy_pass http://localhost:8089;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass_request_headers on;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
add_header Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate" always;
add_header Pragma "no-cache" always;
add_header Expires "0" always;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Frame-Options "DENY" always;
proxy_set_header X-Frame-Options "SAMEORIGIN";
# include uwsgi_params;
# uwsgi_pass unix:/home/cloud/dev/tsitc/pdfitc.sock;
}
error_page 404 /404.html;
location = /404.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
server {
listen 80;
server_name rally.ornl.gov;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
add_header X-Frame-Options DENY;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
add_header X-Frame-Options "SAMEORIGIN";
return 301 https://rally.ornl.gov$request_uri;
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 443 ssl;
server_name rally.ornl.gov;
root /usr/share/nginx/html;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
# add_header X-Frame-Options SAMEORIGIN always;
# add_header X-Frame-Options sameorigin always;
add_header X-Frame-Options "DENY";
ssl_certificate "/home/cloud/packages/rallly-selfhosted/rally.pem";
ssl_certificate_key "/home/cloud/packages/rallly-selfhosted/rally.key";
location / {
proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass_request_headers on;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
add_header Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate" always;
add_header Pragma "no-cache" always;
add_header Expires "0" always;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Frame-Options "DENY" always;
proxy_set_header X-Frame-Options "SAMEORIGIN";
# include uwsgi_params;
# uwsgi_pass unix:/home/cloud/dev/tsitc/pdfitc.sock;
}
error_page 404 /404.html;
location = /404.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
server {
listen 80;
server_name addie-dev.ornl.gov;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
add_header X-Frame-Options DENY;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
add_header X-Frame-Options "SAMEORIGIN";
return 301 https://addie-dev.ornl.gov$request_uri;
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 443 ssl;
server_name addie-dev.ornl.gov;
root /usr/share/nginx/html;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
# add_header X-Frame-Options SAMEORIGIN always;
# add_header X-Frame-Options sameorigin always;
add_header X-Frame-Options "DENY";
ssl_certificate "/home/cloud/packages/addie/certs_dev/addie.pem";
ssl_certificate_key "/home/cloud/packages/addie/certs_dev/addie.key";
location / {
proxy_pass http://localhost:6000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass_request_headers on;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always;
add_header Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate" always;
add_header Pragma "no-cache" always;
add_header Expires "0" always;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Frame-Options "DENY" always;
proxy_set_header X-Frame-Options "SAMEORIGIN";
# include uwsgi_params;
# uwsgi_pass unix:/home/cloud/dev/tsitc/pdfitc.sock;
}
error_page 404 /404.html;
location = /404.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
1 | user www-data; |
2 | worker_processes auto; |
3 | pid /run/nginx.pid; |
4 | include /etc/nginx/modules-enabled/*.conf; |
5 | error_log /var/log/nginx/error.log; |
6 | |
7 | include /usr/share/nginx/modules/*.conf; |
8 | |
9 | events { |
10 | worker_connections 1024; |
11 | # multi_accept on; |
12 | } |
13 | |
14 | http { |
15 | log_format main '$remote_addr - $remote_user [$time_local] "$request" ' |
16 | '$status $body_bytes_sent "$http_referer" ' |
17 | '"$http_user_agent" "$http_x_forwarded_for"'; |
18 | |
19 | client_max_body_size 200M; |
20 | sendfile on; |
21 | tcp_nopush on; |
22 | tcp_nodelay on; |
23 | keepalive_timeout 65; |
24 | types_hash_max_size 2048; |
25 | |
26 | # add_header X-Frame-Options sameorigin always; |
27 | # add_header X-Frame-Options SAMEORIGIN always; |
28 | add_header X-Frame-Options DENY; |
29 | |
30 | include /etc/nginx/mime.types; |
31 | default_type application/octet-stream; |
32 | |
33 | ssl_protocols TLSv1.3 TLSv1.2; |
34 | ssl_prefer_server_ciphers on; |
35 | |
36 | access_log /var/log/nginx/access.log; |
37 | error_log /var/log/nginx/error.log; |
38 | |
39 | include /etc/nginx/conf.d/*.conf; |
40 | |
41 | server { |
42 | listen 80; |
43 | server_name addie.ornl.gov; |
44 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
45 | add_header X-Frame-Options DENY; |
46 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
47 | add_header X-Frame-Options "SAMEORIGIN"; |
48 | return 301 https://addie.ornl.gov$request_uri; |
49 | } |
50 | |
51 | map $http_upgrade $connection_upgrade { |
52 | default upgrade; |
53 | '' close; |
54 | } |
55 | |
56 | server { |
57 | listen 443 ssl; |
58 | server_name addie.ornl.gov; |
59 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
60 | add_header X-Frame-Options DENY; |
61 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
62 | add_header X-Frame-Options "SAMEORIGIN"; |
63 | return 301 https://addie.ornl.gov$request_uri; |
64 | } |
65 | |
66 | map $http_upgrade $connection_upgrade { |
67 | default upgrade; |
68 | '' close; |
69 | } |
70 | |
71 | server { |
72 | listen 443 ssl; |
73 | server_name addie.ornl.gov; |
74 | root /usr/share/nginx/html; |
75 | |
76 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
77 | # add_header X-Frame-Options SAMEORIGIN always; |
78 | # add_header X-Frame-Options sameorigin always; |
79 | add_header X-Frame-Options "DENY"; |
80 | |
81 | ssl_certificate "/home/cloud/packages/addie/certs/addie.pem"; |
82 | ssl_certificate_key "/home/cloud/packages/addie/certs/addie.key"; |
83 | |
84 | location / { |
85 | proxy_pass http://localhost:5000; |
86 | proxy_set_header Host $host; |
87 | proxy_set_header X-Real-IP $remote_addr; |
88 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
89 | proxy_set_header X-Forwarded-Proto $scheme; |
90 | proxy_pass_request_headers on; |
91 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
92 | add_header Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate" always; |
93 | add_header Pragma "no-cache" always; |
94 | add_header Expires "0" always; |
95 | add_header X-Frame-Options "SAMEORIGIN"; |
96 | add_header X-Frame-Options "DENY" always; |
97 | proxy_set_header X-Frame-Options "SAMEORIGIN"; |
98 | # include uwsgi_params; |
99 | # uwsgi_pass unix:/home/cloud/dev/tsitc/pdfitc.sock; |
100 | } |
101 | |
102 | error_page 404 /404.html; |
103 | location = /404.html { |
104 | } |
105 | |
106 | error_page 500 502 503 504 /50x.html; |
107 | location = /50x.html { |
108 | } |
109 | } |
110 | |
111 | server { |
112 | listen 80; |
113 | server_name slash.ornl.gov; |
114 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
115 | add_header X-Frame-Options DENY; |
116 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
117 | add_header X-Frame-Options "SAMEORIGIN"; |
118 | return 301 https://slash.ornl.gov$request_uri; |
119 | } |
120 | |
121 | map $http_upgrade $connection_upgrade { |
122 | default upgrade; |
123 | '' close; |
124 | } |
125 | |
126 | server { |
127 | listen 443 ssl; |
128 | server_name slash.ornl.gov; |
129 | root /usr/share/nginx/html; |
130 | |
131 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
132 | # add_header X-Frame-Options SAMEORIGIN always; |
133 | # add_header X-Frame-Options sameorigin always; |
134 | add_header X-Frame-Options "DENY"; |
135 | |
136 | ssl_certificate "/home/cloud/packages/slash/slash.pem"; |
137 | ssl_certificate_key "/home/cloud/packages/slash/slash.key"; |
138 | |
139 | location / { |
140 | proxy_pass http://localhost:5231; |
141 | proxy_set_header Host $host; |
142 | proxy_set_header X-Real-IP $remote_addr; |
143 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
144 | proxy_set_header X-Forwarded-Proto $scheme; |
145 | proxy_pass_request_headers on; |
146 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
147 | add_header Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate" always; |
148 | add_header Pragma "no-cache" always; |
149 | add_header Expires "0" always; |
150 | add_header X-Frame-Options "SAMEORIGIN"; |
151 | add_header X-Frame-Options "DENY" always; |
152 | proxy_set_header X-Frame-Options "SAMEORIGIN"; |
153 | # include uwsgi_params; |
154 | # uwsgi_pass unix:/home/cloud/dev/tsitc/pdfitc.sock; |
155 | } |
156 | |
157 | error_page 404 /404.html; |
158 | location = /404.html { |
159 | } |
160 | |
161 | error_page 500 502 503 504 /50x.html; |
162 | location = /50x.html { |
163 | } |
164 | } |
165 | |
166 | server { |
167 | listen 80; |
168 | server_name tmapper.ornl.gov; |
169 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
170 | add_header X-Frame-Options DENY; |
171 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
172 | add_header X-Frame-Options "SAMEORIGIN"; |
173 | return 301 https://tmapper.ornl.gov$request_uri; |
174 | } |
175 | |
176 | map $http_upgrade $connection_upgrade { |
177 | default upgrade; |
178 | '' close; |
179 | } |
180 | |
181 | server { |
182 | listen 443 ssl; |
183 | server_name tmapper.ornl.gov; |
184 | root /usr/share/nginx/html; |
185 | |
186 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
187 | # add_header X-Frame-Options SAMEORIGIN always; |
188 | # add_header X-Frame-Options sameorigin always; |
189 | add_header X-Frame-Options "DENY"; |
190 | |
191 | ssl_certificate "/home/cloud/packages/teammapper/tmapper.pem"; |
192 | ssl_certificate_key "/home/cloud/packages/teammapper/tmapper.key"; |
193 | |
194 | location / { |
195 | proxy_pass http://localhost:8089; |
196 | proxy_set_header Host $host; |
197 | proxy_set_header X-Real-IP $remote_addr; |
198 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
199 | proxy_set_header X-Forwarded-Proto $scheme; |
200 | proxy_pass_request_headers on; |
201 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
202 | add_header Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate" always; |
203 | add_header Pragma "no-cache" always; |
204 | add_header Expires "0" always; |
205 | add_header X-Frame-Options "SAMEORIGIN"; |
206 | add_header X-Frame-Options "DENY" always; |
207 | proxy_set_header X-Frame-Options "SAMEORIGIN"; |
208 | # include uwsgi_params; |
209 | # uwsgi_pass unix:/home/cloud/dev/tsitc/pdfitc.sock; |
210 | } |
211 | |
212 | error_page 404 /404.html; |
213 | location = /404.html { |
214 | } |
215 | |
216 | error_page 500 502 503 504 /50x.html; |
217 | location = /50x.html { |
218 | } |
219 | } |
220 | |
221 | server { |
222 | listen 80; |
223 | server_name rally.ornl.gov; |
224 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
225 | add_header X-Frame-Options DENY; |
226 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
227 | add_header X-Frame-Options "SAMEORIGIN"; |
228 | return 301 https://rally.ornl.gov$request_uri; |
229 | } |
230 | |
231 | map $http_upgrade $connection_upgrade { |
232 | default upgrade; |
233 | '' close; |
234 | } |
235 | |
236 | server { |
237 | listen 443 ssl; |
238 | server_name rally.ornl.gov; |
239 | root /usr/share/nginx/html; |
240 | |
241 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
242 | # add_header X-Frame-Options SAMEORIGIN always; |
243 | # add_header X-Frame-Options sameorigin always; |
244 | add_header X-Frame-Options "DENY"; |
245 | |
246 | ssl_certificate "/home/cloud/packages/rallly-selfhosted/rally.pem"; |
247 | ssl_certificate_key "/home/cloud/packages/rallly-selfhosted/rally.key"; |
248 | |
249 | location / { |
250 | proxy_pass http://localhost:3000; |
251 | proxy_set_header Host $host; |
252 | proxy_set_header X-Real-IP $remote_addr; |
253 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
254 | proxy_set_header X-Forwarded-Proto $scheme; |
255 | proxy_pass_request_headers on; |
256 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
257 | add_header Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate" always; |
258 | add_header Pragma "no-cache" always; |
259 | add_header Expires "0" always; |
260 | add_header X-Frame-Options "SAMEORIGIN"; |
261 | add_header X-Frame-Options "DENY" always; |
262 | proxy_set_header X-Frame-Options "SAMEORIGIN"; |
263 | # include uwsgi_params; |
264 | # uwsgi_pass unix:/home/cloud/dev/tsitc/pdfitc.sock; |
265 | } |
266 | |
267 | error_page 404 /404.html; |
268 | location = /404.html { |
269 | } |
270 | |
271 | error_page 500 502 503 504 /50x.html; |
272 | location = /50x.html { |
273 | } |
274 | } |
275 | |
276 | server { |
277 | listen 80; |
278 | server_name addie-dev.ornl.gov; |
279 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
280 | add_header X-Frame-Options DENY; |
281 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
282 | add_header X-Frame-Options "SAMEORIGIN"; |
283 | return 301 https://addie-dev.ornl.gov$request_uri; |
284 | } |
285 | |
286 | map $http_upgrade $connection_upgrade { |
287 | default upgrade; |
288 | '' close; |
289 | } |
290 | |
291 | server { |
292 | listen 443 ssl; |
293 | server_name addie-dev.ornl.gov; |
294 | root /usr/share/nginx/html; |
295 | |
296 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
297 | # add_header X-Frame-Options SAMEORIGIN always; |
298 | # add_header X-Frame-Options sameorigin always; |
299 | add_header X-Frame-Options "DENY"; |
300 | |
301 | ssl_certificate "/home/cloud/packages/addie/certs_dev/addie.pem"; |
302 | ssl_certificate_key "/home/cloud/packages/addie/certs_dev/addie.key"; |
303 | |
304 | location / { |
305 | proxy_pass http://localhost:6000; |
306 | proxy_set_header Host $host; |
307 | proxy_set_header X-Real-IP $remote_addr; |
308 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
309 | proxy_set_header X-Forwarded-Proto $scheme; |
310 | proxy_pass_request_headers on; |
311 | add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload;' always; |
312 | add_header Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate" always; |
313 | add_header Pragma "no-cache" always; |
314 | add_header Expires "0" always; |
315 | add_header X-Frame-Options "SAMEORIGIN"; |
316 | add_header X-Frame-Options "DENY" always; |
317 | proxy_set_header X-Frame-Options "SAMEORIGIN"; |
318 | # include uwsgi_params; |
319 | # uwsgi_pass unix:/home/cloud/dev/tsitc/pdfitc.sock; |
320 | } |
321 | |
322 | error_page 404 /404.html; |
323 | location = /404.html { |
324 | } |
325 | |
326 | error_page 500 502 503 504 /50x.html; |
327 | location = /50x.html { |
328 | } |
329 | } |
330 | } |