From cb7737b16e1192a8c7cf44104dc079b67517b651 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Artur=20Ku=C5=9B?= Date: Mon, 18 Aug 2025 17:02:16 +0200 Subject: [PATCH] removing http from https-arti24.eu.conf --- nginx-config/https/https-arti24-eu.conf | 86 ++++++++++++------------- 1 file changed, 42 insertions(+), 44 deletions(-) diff --git a/nginx-config/https/https-arti24-eu.conf b/nginx-config/https/https-arti24-eu.conf index 21a01e1..87e60fd 100755 --- a/nginx-config/https/https-arti24-eu.conf +++ b/nginx-config/https/https-arti24-eu.conf @@ -1,49 +1,47 @@ -http { - proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=img_cache:100m inactive=24h use_temp_path=off; +proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=img_cache:100m inactive=24h use_temp_path=off; - server { - listen 443 ssl http2; - server_name arti24.eu; - server_tokens off; +server { + listen 443 ssl http2; + server_name arti24.eu; + server_tokens off; - ssl_certificate /letsencrypt/live/arti24.eu/fullchain.pem; - ssl_certificate_key /letsencrypt/live/arti24.eu/privkey.pem; - ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384'; - ssl_prefer_server_ciphers on; - ssl_session_cache shared:SSL:50m; - ssl_session_timeout 1d; - ssl_session_tickets off; + ssl_certificate /letsencrypt/live/arti24.eu/fullchain.pem; + ssl_certificate_key /letsencrypt/live/arti24.eu/privkey.pem; + ssl_protocols TLSv1.2 TLSv1.3; + ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384'; + ssl_prefer_server_ciphers on; + ssl_session_cache shared:SSL:50m; + ssl_session_timeout 1d; + ssl_session_tickets off; - # Nagłówki bezpieczeństwa - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-Content-Type-Options "nosniff" always; - add_header Referrer-Policy "strict-origin-when-cross-origin" always; + # Nagłówki bezpieczeństwa + add_header X-Frame-Options "SAMEORIGIN" always; + add_header X-Content-Type-Options "nosniff" always; + add_header Referrer-Policy "strict-origin-when-cross-origin" always; - location / { - limit_req zone=ip_limit burst=20 nodelay; - proxy_pass http://arti24-container:3002; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Forwarded-Port $server_port; - } - - location ~ ^/(pictures|obrazki)/ { - proxy_pass http://arti24-container:3002; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Host $host; - - proxy_cache img_cache; - proxy_cache_key "$scheme://$host$request_uri"; - proxy_cache_valid 200 301 302 24h; - proxy_cache_valid 404 1m; - proxy_cache_use_stale error timeout updating; - add_header X-Cache-Status $upstream_cache_status; - } + location / { + limit_req zone=ip_limit burst=20 nodelay; + proxy_pass http://arti24-container:3002; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Port $server_port; } -} \ No newline at end of file + + location ~ ^/(pictures|obrazki)/ { + proxy_pass http://arti24-container:3002; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Host $host; + + proxy_cache img_cache; + proxy_cache_key "$scheme://$host$request_uri"; + proxy_cache_valid 200 301 302 24h; + proxy_cache_valid 404 1m; + proxy_cache_use_stale error timeout updating; + add_header X-Cache-Status $upstream_cache_status; + } +}