Break out a new server{} config for port 444>

This also restores docker proxy stuff with recursive enabled
This commit is contained in:
Jimmy Zelinskie 2015-01-21 15:59:29 -05:00
parent b7d6d42317
commit 0f8aad9ef1
2 changed files with 22 additions and 8 deletions

View file

@ -13,7 +13,6 @@ http {
include server-base.conf; include server-base.conf;
listen 443 default proxy_protocol; listen 443 default proxy_protocol;
listen 444 default;
ssl on; ssl on;
ssl_certificate ./stack/ssl.cert; ssl_certificate ./stack/ssl.cert;
@ -23,4 +22,18 @@ http {
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP; ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on; ssl_prefer_server_ciphers on;
} }
server {
include server-base.conf
listen 444 default;
ssl on;
ssl_certificate ./stack/ssl.cert;
ssl_certificate_key ./stack/ssl.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
}
} }

View file

@ -3,8 +3,9 @@
client_body_temp_path /var/log/nginx/client_body 1 2; client_body_temp_path /var/log/nginx/client_body 1 2;
server_name _; server_name _;
#set_real_ip_from 172.17.0.0/16; set_real_ip_from 172.17.0.0/16;
#real_ip_header X-Forwarded-For; real_ip_header X-Forwarded-For;
real_ip_recursive on;
keepalive_timeout 5; keepalive_timeout 5;
@ -12,12 +13,12 @@ if ($args ~ "_escaped_fragment_") {
rewrite ^ /snapshot$uri; rewrite ^ /snapshot$uri;
} }
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
#proxy_set_header Host $http_host; proxy_set_header Host $http_host;
#proxy_redirect off; proxy_redirect off;
#proxy_set_header Transfer-Encoding $http_transfer_encoding; proxy_set_header Transfer-Encoding $http_transfer_encoding;
location / { location / {
proxy_pass http://web_app_server; proxy_pass http://web_app_server;