system/nginx/03/beauties.conf

35 lines
1.1 KiB
Plaintext
Raw Normal View History

server {
listen 202.61.255.100:443 ssl http2;
listen [2a03:4000:55:d1d::]:443 ssl http2;
server_name hugz.io up.hugz.io www.hugz.io;
ssl_certificate /etc/ssl/hugz/fullchain.pem;
ssl_certificate_key /etc/ssl/hugz/private/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
add_header Strict-Transport-Security "max-age=63072000" always;
error_page 403 /beauties-ip.html;
location = /beauties-ip.html {
root /srv/www/error;
allow all;
}
location / {
proxy_pass http://192.168.0.120:8922;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 200M;
types {} default_type "text/plain; charset=utf-8";
deny 2a01:7e00::f03c:91ff:feae:d55;
deny 176.58.107.169;
}
}