add_header  X-Robots-Tag "noindex, nofollow, nosnippet, noarchive";

#proxy_cache_path /tmp/blog levels=1:2 keys_zone=my_cache_blog:10m max_size=10g 
#                 inactive=60m use_temp_path=off;


server{
	listen 80;
	server_name blog.egonetix.de;
	return 301 https://$server_name/$request_uri;

}

server {
 listen 10.0.0.29:443 ssl http2;
 add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

 # SSL config
 ssl on;
 ssl_certificate /etc/letsencrypt/live/blog.egonetix.de/fullchain.pem;
 ssl_certificate_key /etc/letsencrypt/live/blog.egonetix.de/privkey.pem;
 ssl_dhparam /etc/ssl/certs/dhparam.pem; 

 # Make site accessible from http://localhost/
 server_name blog.egonetix.de;
 access_log /var/log/nginx/blog-access_log;
 error_log /var/log/nginx/blog-error_log;

 set $upstream 10.0.0.48;

 location / {

# proxy_cache my_cache_blog;
# proxy_cache_revalidate on;
# proxy_cache_min_uses 3;
# proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
# proxy_cache_lock on;
# proxy_pass_header Authorization;
 proxy_pass http://$upstream:8083;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_http_version 1.1;
# proxy_set_header Connection "";
# proxy_buffering off;
# client_max_body_size 0;
# proxy_read_timeout 36000s;
# proxy_redirect off;
# proxy_ssl_session_reuse off;

proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

 }

}