| 1 | proxy_cache_path /webc/site_deployments/<REDACTED>/cache levels=1:2 use_temp_path=off keys_zone=<REDACTED>:10m max_size=1g inactive=7d;
|
|---|
| 2 |
|
|---|
| 3 | server {
|
|---|
| 4 | listen 10.20.61.11:80;
|
|---|
| 5 | server_name <REDACTED> www.<REDACTED>;
|
|---|
| 6 |
|
|---|
| 7 | access_log /webc/site_deployments/<REDACTED>/log/access.log main;
|
|---|
| 8 | error_log /webc/site_deployments/<REDACTED>/log/error.log;
|
|---|
| 9 |
|
|---|
| 10 | return 301 https://<REDACTED>$request_uri;
|
|---|
| 11 | }
|
|---|
| 12 |
|
|---|
| 13 | server {
|
|---|
| 14 | listen 10.20.61.11:443 ssl http2;
|
|---|
| 15 | server_name www.<REDACTED>;
|
|---|
| 16 |
|
|---|
| 17 | more_set_headers "Strict-Transport-Security: max-age=31536000";
|
|---|
| 18 |
|
|---|
| 19 | ssl_certificate /etc/letsencrypt/live/<REDACTED>/fullchain.pem;
|
|---|
| 20 | ssl_certificate_key /etc/letsencrypt/live/<REDACTED>/privkey.pem;
|
|---|
| 21 |
|
|---|
| 22 | access_log /webc/site_deployments/<REDACTED>/log/access.log main;
|
|---|
| 23 | error_log /webc/site_deployments/<REDACTED>/log/error.log;
|
|---|
| 24 |
|
|---|
| 25 | return 301 https://<REDACTED>$request_uri;
|
|---|
| 26 | }
|
|---|
| 27 |
|
|---|
| 28 | server {
|
|---|
| 29 | listen 10.20.61.11:443 ssl http2;
|
|---|
| 30 | server_name <REDACTED>;
|
|---|
| 31 |
|
|---|
| 32 | more_set_headers "Strict-Transport-Security: max-age=31536000";
|
|---|
| 33 |
|
|---|
| 34 | ssl_certificate /etc/letsencrypt/live/<REDACTED>/fullchain.pem;
|
|---|
| 35 | ssl_certificate_key /etc/letsencrypt/live/<REDACTED>/privkey.pem;
|
|---|
| 36 |
|
|---|
| 37 | access_log /webc/site_deployments/<REDACTED>/log/access.log main;
|
|---|
| 38 | error_log /webc/site_deployments/<REDACTED>/log/error.log;
|
|---|
| 39 |
|
|---|
| 40 | include /etc/nginx/error_pages;
|
|---|
| 41 |
|
|---|
| 42 | location / {
|
|---|
| 43 | proxy_pass https://10.20.61.10;
|
|---|
| 44 |
|
|---|
| 45 | proxy_set_header Host <REDACTED>;
|
|---|
| 46 |
|
|---|
| 47 | proxy_set_header X-Forwarded-Host $http_host;
|
|---|
| 48 | proxy_set_header X-Forwarded-Proto $scheme;
|
|---|
| 49 | proxy_set_header X-Forwarded-Server $server_name;
|
|---|
| 50 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|---|
| 51 |
|
|---|
| 52 | proxy_cache <REDACTED>;
|
|---|
| 53 | proxy_cache_valid 200 10m;
|
|---|
| 54 | proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
|
|---|
| 55 | proxy_cache_background_update on;
|
|---|
| 56 | proxy_ignore_headers Cache-Control Expires X-Accel-Redirect X-Accel-Limit-Rate X-Accel-Buffering X-Accel-Charset;
|
|---|
| 57 |
|
|---|
| 58 | proxy_cache_bypass $cookie_nocache $arg_nocache;
|
|---|
| 59 |
|
|---|
| 60 | more_set_headers "X-Cache-Status: $upstream_cache_status";
|
|---|
| 61 |
|
|---|
| 62 | location ~ ^/((en|de|it)/)?admin {
|
|---|
| 63 | proxy_pass https://10.20.61.10;
|
|---|
| 64 |
|
|---|
| 65 | proxy_cache off;
|
|---|
| 66 |
|
|---|
| 67 | if ($cookie_nocache != true) {
|
|---|
| 68 | more_set_headers "Set-Cookie: nocache=true;Path=/";
|
|---|
| 69 | }
|
|---|
| 70 | }
|
|---|
| 71 | }
|
|---|
| 72 | }
|
|---|
