-
Notifications
You must be signed in to change notification settings - Fork 1
/
nginx.conf
56 lines (50 loc) · 1.85 KB
/
nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
server {
listen 80;
gzip on;
server_name golangshow.com www.golangshow.com golangshow.ru www.golangshow.ru;
access_log /data/golangshow.com.access.log;
error_log /data/golangshow.com.error.log;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
server_name golangshow.com www.golangshow.com golangshow.ru www.golangshow.ru;
gzip on;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript;
access_log /data/golangshow.com.access.log;
error_log /data/golangshow.com.error.log;
if ($http_host != "golangshow.com") {
rewrite ^ http://golangshow.com$request_uri permanent;
}
location / {
root /data/www;
break;
}
location /cdn {
root /data;
break;
}
location /stream/ {
proxy_pass http://46.101.212.249:8000/stream;
break;
}
ssl on;
ssl_certificate /etc/nginx/ssl/golangshow.com.crt;
ssl_certificate_key /etc/nginx/ssl/golangshow.com.key;
#enables all versions of TLS, but not SSLv2 or 3 which are weak and now deprecated.
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#Disables all weak ciphers
ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_prefer_server_ciphers on;
}
server {
listen 80;
gzip on;
server_name cdn.golangshow.com;
access_log /data/cdn.golangshow.com.access.log;
error_log /data/cdn.golangshow.com.error.log;
location / {
root /data/cdn;
break;
}
}