root/srvrevproxy02_nginx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
srvrevproxy02_nginx/sites-available/portal.conf
root cf41358c4c Inital Commit
2025-06-24 15:47:45 +02:00

71 lines
2.7 KiB
Plaintext
Raw Permalink Blame History

add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive";
server {
listen 80;
server_name portal.egonetix.de;
# Redirect all HTTP traffic to HTTPS
return 301 https://$server_name$request_uri;
}
server {
listen 10.0.0.29:443 ssl http2;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header Content-Security-Policy "default-src 'self'; connect-src 'self'; script-src 'self' https://cdn.jsdelivr.net 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com;" always;
# Remove or update unsupported origin trial features.
# For example, comment out or remove these if not using them:
# add_header Permissions-Policy "private-state-token-issuance=(), join-ad-interest-group=(), browsing-topics=()";
# Content Security Policy to allow scripts, inline event handlers, styles, and fonts from trusted sources.
ssl on;
ssl_certificate /etc/letsencrypt/live/portal.egonetix.de/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/portal.egonetix.de/privkey.pem;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
server_name portal.egonetix.de;
access_log /var/log/nginx/portal-access_log;
error_log /var/log/nginx/portal-error_log;
root /var/www/html;
index index.html index.php; # Added index.php as potential index file
# PHP Processing Configuration - Updated for PHP 8.1
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# Use PHP 8.1 socket (most common path on Ubuntu 22.04)
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
# Alternative options if the above doesn't work:
#fastcgi_pass unix:/run/php/php8.1-fpm.sock;
#fastcgi_pass 127.0.0.1:9000;
# Increase timeout and buffer size for troubleshooting
fastcgi_connect_timeout 300;
fastcgi_read_timeout 300;
fastcgi_send_timeout 300;
fastcgi_buffer_size 32k;
fastcgi_buffers 16 16k;
# Set the correct document root
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
}
# Reverse proxy for API calls.
# If your backend expects the API without the "/api" prefix, use the proxy_pass below.
location /api/ {
proxy_pass http://127.0.0.1:3000;
# If your backend requires the /api prefix, change to:
# proxy_pass http://127.0.0.1:3000/api/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Reference in New Issue View Git Blame Copy Permalink