Skip to content

Commit 4c3f48c

Browse files
damalisdamalis
committed
Update proxy.conf.template
1 parent 5cb263a commit 4c3f48c

File tree

1 file changed

+22
-35
lines changed

1 file changed

+22
-35
lines changed

proxy/templates/proxy.conf.template

Lines changed: 22 additions & 35 deletions
Original file line numberDiff line numberDiff line change
@@ -1,15 +1,12 @@
11
upstream docker_webserver {
2-
server webserver:8080;
2+
server webserver:8080;
33
}
44

55
map $scheme $proxy_x_forwarded_ssl {
66
default off;
77
https on;
88
}
99

10-
server_tokens off;
11-
proxy_hide_header X-Powered-By;
12-
1310
server {
1411
listen ${NGINX_PORT} default_server;
1512
listen [::]:${NGINX_PORT} ipv6only=on default_server;
@@ -38,19 +35,7 @@ server {
3835
#ssl_dhparam /etc/letsencrypt/ssl-dhparam.pem;
3936
include /etc/letsencrypt/options-ssl-nginx.conf;
4037
#
41-
client_max_body_size 8m;
42-
proxy_headers_hash_max_size 768;
43-
proxy_headers_hash_bucket_size 128;
44-
#
45-
# global gzip on
46-
gzip on;
47-
gzip_min_length 10240;
48-
gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml image/svg+xml;
49-
gzip_disable "MSIE [1-6]\.";
5038

51-
add_header Cache-Control public;
52-
add_header X-Cache-Status $upstream_cache_status;
53-
5439
location / {
5540
proxy_pass http://docker_webserver;
5641
proxy_set_header X-Real-IP $remote_addr;
@@ -59,8 +44,8 @@ server {
5944
proxy_set_header Host $host;
6045
proxy_set_header X-Forwarded-Host $host;
6146
proxy_set_header X-Forwarded-Port $server_port;
62-
proxy_set_header Upgrade $http_upgrade;
63-
proxy_set_header Connection "Upgrade";
47+
proxy_set_header Upgrade $http_upgrade;
48+
proxy_set_header Connection "Upgrade";
6449
proxy_set_header X-Forwarded-Ssl $proxy_x_forwarded_ssl;
6550
#
6651
proxy_redirect off;
@@ -73,26 +58,28 @@ server {
7358
proxy_request_buffering off;
7459
#
7560
# Mitigate httpoxy attack
76-
proxy_set_header Proxy "";
61+
proxy_set_header Proxy "";
7762
}
7863
#
7964
# deny access to .htaccess vb. files, if Apache's document root
80-
#
81-
location ~* \.(svg|svgz)$ {
82-
types {}
83-
default_type image/svg+xml;
84-
}
85-
location = /favicon.ico {
86-
log_not_found off;
87-
}
88-
location = /robots.txt {
89-
allow all;
90-
log_not_found off;
91-
}
92-
location ~/\. {
93-
deny all;
94-
log_not_found off;
95-
}
65+
#
66+
location ~/\. {
67+
deny all;
68+
log_not_found off;
69+
}
70+
#
71+
location ~ /.well-known {
72+
allow all;
73+
}
74+
#
75+
location = /favicon.ico {
76+
log_not_found off;
77+
}
78+
#
79+
location = /robots.txt {
80+
allow all;
81+
log_not_found off;
82+
}
9683
#
9784
access_log off;
9885
error_log /var/log/nginx/${NGINX_HOST}.error.log error;

0 commit comments

Comments
 (0)