Break out a new server{} config for port 444>

This also restores docker proxy stuff with recursive enabled
2015-01-21 15:59:29 -05:00 · 2015-01-21 15:59:29 -05:00 · 0f8aad9ef1
commit 0f8aad9ef1
parent b7d6d42317
2 changed files with 22 additions and 8 deletions
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -13,7 +13,6 @@ http {
        include server-base.conf;
        listen 443 default proxy_protocol;
        listen 444 default;
        ssl on;
        ssl_certificate ./stack/ssl.cert;
@ -23,4 +22,18 @@ http {
        ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
        ssl_prefer_server_ciphers on;
    }
    server {
      include server-base.conf
      listen 444 default;
      ssl on;
      ssl_certificate ./stack/ssl.cert;
      ssl_certificate_key ./stack/ssl.key;
      ssl_session_timeout 5m;
      ssl_protocols SSLv3 TLSv1;
      ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
      ssl_prefer_server_ciphers on;
    }
 }
--- a/conf/server-base.conf
+++ b/conf/server-base.conf
@ -3,8 +3,9 @@
 client_body_temp_path /var/log/nginx/client_body 1 2;
 server_name _;
-#set_real_ip_from 172.17.0.0/16;
+set_real_ip_from 172.17.0.0/16;
-#real_ip_header X-Forwarded-For;
+real_ip_header X-Forwarded-For;
 real_ip_recursive on;
 keepalive_timeout 5;
@ -12,12 +13,12 @@ if ($args ~ "_escaped_fragment_") {
    rewrite ^ /snapshot$uri;
 }
-#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-#proxy_set_header X-Forwarded-Proto $scheme;
+proxy_set_header X-Forwarded-Proto $scheme;
-#proxy_set_header Host $http_host;
+proxy_set_header Host $http_host;
-#proxy_redirect off;
+proxy_redirect off;
-#proxy_set_header Transfer-Encoding $http_transfer_encoding;
+proxy_set_header Transfer-Encoding $http_transfer_encoding;
 location / {
    proxy_pass   http://web_app_server;