2014-12-27 10:09:00 +01:00
|
|
|
server {
|
2023-05-18 10:33:33 +02:00
|
|
|
listen 80;
|
|
|
|
|
listen [::]:80;
|
|
|
|
|
listen 443;
|
|
|
|
|
listen [::]:443;
|
2023-02-21 18:08:54 +01:00
|
|
|
# Enable this if your want HSTS (recommended)
|
2023-05-18 10:33:33 +02:00
|
|
|
add_header Strict-Transport-Security
|
2023-10-19 08:27:55 +02:00
|
|
|
"max-age=15552000; includeSubdomains; preload";
|
2023-05-18 10:33:33 +02:00
|
|
|
add_header X-Frame-Options SAMEORIGIN;
|
|
|
|
|
add_header Content-Security-Policy upgrade-insecure-requests;
|
|
|
|
|
add_header X-Xss-Protection "1; mode=block" always;
|
|
|
|
|
add_header X-Content-Type-Options "nosniff" always;
|
2023-02-21 18:08:54 +01:00
|
|
|
server_name something.example.org;
|
2014-12-27 10:09:00 +01:00
|
|
|
|
2023-05-18 10:33:33 +02:00
|
|
|
# NOTE: For X-Real-IP & X-Forwarded-For see ../conf.d/rproxy.conf
|
|
|
|
|
# Behind CloudFlare see ../conf.d/cloudflare.conf
|
|
|
|
|
location / {
|
|
|
|
|
proxy_pass http://localhost:8080;
|
2023-02-21 18:08:54 +01:00
|
|
|
}
|
2023-10-19 08:27:55 +02:00
|
|
|
}
|
