diff options
Diffstat (limited to 'kvmd/configs')
-rw-r--r-- | kvmd/configs/nginx/nginx.conf.example (renamed from kvmd/configs/nginx/nginx.conf) | 31 |
1 files changed, 21 insertions, 10 deletions
diff --git a/kvmd/configs/nginx/nginx.conf b/kvmd/configs/nginx/nginx.conf.example index 51c52c46..cd30f572 100644 --- a/kvmd/configs/nginx/nginx.conf +++ b/kvmd/configs/nginx/nginx.conf.example @@ -10,13 +10,26 @@ events { } http { + access_log off; + include mime.types; default_type application/octet-stream; charset utf-8; sendfile on; keepalive_timeout 10; - # gzip on; + + client_body_temp_path /tmp/nginx.client_body_temp; + fastcgi_temp_path /tmp/nginx.fastcgi_temp; + proxy_temp_path /tmp/nginx.proxy_temp; + scgi_temp_path /tmp/nginx.scgi_temp; + uwsgi_temp_path /tmp/nginx.uwsgi_temp; + + server { + listen 80; + server_name localhost; + return 301 https://$host$request_uri; + } upstream kvmd { server localhost:8081 fail_timeout=0s max_fails=0; @@ -27,17 +40,15 @@ http { } server { - # access_log /tmp/nginx.access.log; - access_log off; - - listen 80; + listen 443 ssl http2; server_name localhost; - client_body_temp_path /tmp/nginx.client_body_temp; - fastcgi_temp_path /tmp/nginx.fastcgi_temp; - proxy_temp_path /tmp/nginx.proxy_temp; - scgi_temp_path /tmp/nginx.scgi_temp; - uwsgi_temp_path /tmp/nginx.uwsgi_temp; + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; + ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; + ssl_certificate ssl/server.crt; + ssl_certificate_key ssl/server.key; + + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; location / { root /usr/share/kvmd/web; |