boris/keywarden
1
1
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects 1 Releases Wiki Activity
Files
69802f3ece32848656215c2e6621ad0db4186257
keywarden/nginx/configs/nginx.conf.template
boris 6901f6fcc4 RBAC + Per-Route Audit Events
2026-01-20 10:08:32 +00:00

72 lines
1.9 KiB
Plaintext
Raw Blame History

# This file should be put under /etc/nginx/conf.d/
# Or place as /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
real_ip_header X-Forwarded-For;
real_ip_recursive on;
set_real_ip_from 127.0.0.1;
set_real_ip_from ::1;
set_real_ip_from 10.0.0.0/8;
set_real_ip_from 172.16.0.0/12;
set_real_ip_from 192.168.0.0/16;
include /etc/nginx/mime.types;
include options-ssl.conf;
include options-http-headers.conf;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
map $http_x_forwarded_for $forwarded_for {
"" $remote_addr;
default $http_x_forwarded_for;
}
server {
listen 80;
listen [::]:80;
server_name __SERVER_NAME__;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
http2 on;
server_name __SERVER_NAME__;
error_log /var/log/nginx/error.log warn;
access_log /var/log/nginx/access.log main;
ssl_certificate /etc/nginx/certs/certificate.pem;
ssl_certificate_key /etc/nginx/certs/key.pem;
include options-ssl.conf;
include options-https-headers.conf;
client_max_body_size 50M;
location / {
proxy_pass http://127.0.0.1:8000;
include options-https-headers.conf;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
access_log /var/log/nginx/access.log main;
types_hash_bucket_size 128;
}
Reference in New Issue View Git Blame Copy Permalink