docker-compose environment for the entire v.st system https://v.st/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
env/nginx/default.conf

68 lines
1.6 KiB

vhost_traffic_status_zone;
log_format cache_log '$server_name $upstream_cache_status - '
'$remote_addr [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" '
'$upstream_response_time $request_time';
access_log /var/log/nginx/access.log cache_log;
server {
listen 80 default_server;
# this works on the docker container with http_stub built in
# only allow from localhost
location /nginx_status {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
# this works with the vts module
location /status {
vhost_traffic_status_display;
vhost_traffic_status_display_format html;
access_log off;
#allow 127.0.0.1;
#deny all;
}
# forward certbot challenges to the certbot directory
include /etc/nginx/includes/challenge.conf;
# Redirect *all other* port 80 traffic to the same thing on port 443
location / {
return 301 https://$host$request_uri;
}
}
server {
# should send them to the main page
location / {
default_type text/html;
return 404 '<html>
<body>
<h1>Unknown hostname "$host"</h1>
<p>Try <a href="https://${DOMAIN_NAME}/">${DOMAIN_NAME}</a> instead
<pre style="white-space: pre-wrap">
$request
Host: $host
Referer: $http_referer
User-Agent: $http_user_agent
Accept: $http_accept
</pre>
</body></html>
';
}
# this one can't include ssl.conf since it must be default server
listen 443 ssl http2 default_server;
ssl_certificate /etc/nginx/fullchain.pem;
ssl_certificate_key /etc/nginx/privkey.pem;
include /etc/nginx/includes/options-ssl-nginx.conf;
include /etc/nginx/includes/challenge.conf;
ssl_dhparam /etc/nginx/includes/ssl-dhparams.pem;
}