|
|
|
vhost_traffic_status_zone;
|
|
|
|
|
|
|
|
log_format cache_log '$server_name $upstream_cache_status - '
|
|
|
|
'$remote_addr [$time_local] '
|
|
|
|
'"$request" $status $body_bytes_sent '
|
|
|
|
'"$http_referer" "$http_user_agent" '
|
|
|
|
'$upstream_response_time $request_time';
|
|
|
|
access_log /var/log/nginx/access.log cache_log;
|
|
|
|
|
|
|
|
server {
|
|
|
|
listen 80 default_server;
|
|
|
|
|
|
|
|
# this works on the docker container with http_stub built in
|
|
|
|
# only allow from localhost
|
|
|
|
location /nginx_status {
|
|
|
|
stub_status on;
|
|
|
|
access_log off;
|
|
|
|
allow 127.0.0.1;
|
|
|
|
deny all;
|
|
|
|
}
|
|
|
|
|
|
|
|
# this works with the vts module
|
|
|
|
location /status {
|
|
|
|
vhost_traffic_status_display;
|
|
|
|
vhost_traffic_status_display_format html;
|
|
|
|
access_log off;
|
|
|
|
#allow 127.0.0.1;
|
|
|
|
#deny all;
|
|
|
|
}
|
|
|
|
|
|
|
|
# forward certbot challenges to the certbot directory
|
|
|
|
include /etc/nginx/includes/challenge.conf;
|
|
|
|
|
|
|
|
# Redirect *all other* port 80 traffic to the same thing on port 443
|
|
|
|
location / {
|
|
|
|
return 301 https://$host$request_uri;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
server {
|
|
|
|
# should send them to the main page
|
|
|
|
location / {
|
|
|
|
default_type text/html;
|
|
|
|
return 404 '<html>
|
|
|
|
<body>
|
|
|
|
<h1>Unknown hostname "$host"</h1>
|
|
|
|
<p>Try <a href="https://${DOMAIN_NAME}/">${DOMAIN_NAME}</a> instead
|
|
|
|
|
|
|
|
<pre style="white-space: pre-wrap">
|
|
|
|
$request
|
|
|
|
Host: $host
|
|
|
|
Referer: $http_referer
|
|
|
|
User-Agent: $http_user_agent
|
|
|
|
Accept: $http_accept
|
|
|
|
</pre>
|
|
|
|
</body></html>
|
|
|
|
';
|
|
|
|
}
|
|
|
|
|
|
|
|
# this one can't include ssl.conf since it must be default server
|
|
|
|
listen 443 ssl http2 default_server;
|
|
|
|
ssl_certificate /etc/nginx/fullchain.pem;
|
|
|
|
ssl_certificate_key /etc/nginx/privkey.pem;
|
|
|
|
include /etc/nginx/includes/options-ssl-nginx.conf;
|
|
|
|
include /etc/nginx/includes/challenge.conf;
|
|
|
|
ssl_dhparam /etc/nginx/includes/ssl-dhparams.pem;
|
|
|
|
}
|