AlexBa16/htl-reverse-proxy-tls-lab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3047413a412d5a2191684d812b9a51a126be2cca
htl-reverse-proxy-tls-lab/proxy/nginx.tls.example.conf
T

67 lines
1.5 KiB
Plaintext
Raw Blame History

events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
sendfile on;
server_tokens off;
upstream backend_a {
server backend-a:80;
}
upstream backend_b {
server backend-b:80;
}
server {
listen 80;
server_name _;
location = /healthz {
default_type text/plain;
return 200 "ok\n";
}
location / {
return 301 https://$host:8443$request_uri;
}
}
server {
listen 443 ssl;
server_name localhost;
ssl_certificate /etc/nginx/pki/issued/localhost.crt;
ssl_certificate_key /etc/nginx/pki/private/localhost.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "DENY" always;
add_header Referrer-Policy "no-referrer" always;
location / {
root /usr/share/nginx/html;
try_files $uri $uri/ /index.html;
}
location /service/a {
proxy_pass http://backend_a/;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /service/b {
proxy_pass http://backend_b/;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
}
Reference in New Issue View Git Blame Copy Permalink