NGINX-Configs/etc/nginx/conf.d/wl

# The `upstream` directives ensure that you have a http/1.1 connection
# This enables the keepalive option and better performance
#
# Define the server IP and ports here.
upstream dashboard-default {
  zone dashboard-default 64k;
  server 127.0.0.1:7200;
  keepalive 2;
}


# Redirect HTTP to HTTPS
server {
    listen 80;
    listen [::]:80;
    server_name wl.conorz.at;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
   # listen [::]:443 ssl http2;
    server_name wl.conorz.at;

    # Specify SSL Config when needed
#    ssl_certificate /etc/nginx/ssl/conorz.at/wl.conorz.at-fullchain.pem;
#    ssl_certificate_key /etc/nginx/ssl/conorz.at/wl.conorz.at-privkey.pem;
#    ssl_trusted_certificate /etc/nginx/ssl/conorz.at/wl.conorz.at-fullchain.pem;
    ssl_certificate /etc/letsencrypt/live/wl.conorz.at/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/wl.conorz.at/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/wl.conorz.at/cert.pem;

    client_max_body_size 128M;

    location / {
      proxy_http_version 1.1;
      proxy_set_header "Connection" "";

      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;

      proxy_pass http://dashboard-default;
    }

#    location /notifications/hub/negotiate {
#      proxy_http_version 1.1;
#      proxy_set_header "Connection" "";
#
#      proxy_set_header Host $host;
#      proxy_set_header X-Real-IP $remote_addr;
#      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#      proxy_set_header X-Forwarded-Proto $scheme;
#
#      proxy_pass http://vaultwarden-default;
#    }

#    location /notifications/hub {
#      proxy_http_version 1.1;
#      proxy_set_header Upgrade $http_upgrade;
#      proxy_set_header Connection "upgrade";

 #     proxy_set_header Host $host;
#      proxy_set_header X-Real-IP $remote_addr;
#      proxy_set_header Forwarded $remote_addr;
#      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#      proxy_set_header X-Forwarded-Proto $scheme;

#      proxy_pass http://vaultwarden-ws;
#    }

    # Optionally add extra authentication besides the ADMIN_TOKEN
    # Remove the comments below `#` and create the htpasswd_file to have it active
    #
    #location /admin {
    #  # See: https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/
    #  auth_basic "Private";
    #  auth_basic_user_file /path/to/htpasswd_file;
    #
    #  proxy_http_version 1.1;
    #  proxy_set_header "Connection" "";
    #
    #  proxy_set_header Host $host;
    #  proxy_set_header X-Real-IP $remote_addr;
    #  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    #  proxy_set_header X-Forwarded-Proto $scheme;
    #
    #  proxy_pass http://vaultwarden-default;
    #}
}
first commit 2025-01-01 06:29:34 +01:00			# The `upstream` directives ensure that you have a http/1.1 connection
			`# This enables the keepalive option and better performance`
			`#`
			`# Define the server IP and ports here.`
			`upstream dashboard-default {`
			`zone dashboard-default 64k;`
			`server 127.0.0.1:7200;`
			`keepalive 2;`
			`}`


			`# Redirect HTTP to HTTPS`
			`server {`
			`listen 80;`
			`listen [::]:80;`
			`server_name wl.conorz.at;`
			`return 301 https://$host$request_uri;`
			`}`

			`server {`
			`listen 443 ssl http2;`
			`# listen [::]:443 ssl http2;`
			`server_name wl.conorz.at;`

			`# Specify SSL Config when needed`
			`# ssl_certificate /etc/nginx/ssl/conorz.at/wl.conorz.at-fullchain.pem;`
			`# ssl_certificate_key /etc/nginx/ssl/conorz.at/wl.conorz.at-privkey.pem;`
			`# ssl_trusted_certificate /etc/nginx/ssl/conorz.at/wl.conorz.at-fullchain.pem;`
			`ssl_certificate /etc/letsencrypt/live/wl.conorz.at/fullchain.pem;`
			`ssl_certificate_key /etc/letsencrypt/live/wl.conorz.at/privkey.pem;`
			`ssl_trusted_certificate /etc/letsencrypt/live/wl.conorz.at/cert.pem;`

			`client_max_body_size 128M;`

			`location / {`
			`proxy_http_version 1.1;`
			`proxy_set_header "Connection" "";`

			`proxy_set_header Host $host;`
			`proxy_set_header X-Real-IP $remote_addr;`
			`proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`
			`proxy_set_header X-Forwarded-Proto $scheme;`

			`proxy_pass http://dashboard-default;`
			`}`

			`# location /notifications/hub/negotiate {`
			`# proxy_http_version 1.1;`
			`# proxy_set_header "Connection" "";`
			`#`
			`# proxy_set_header Host $host;`
			`# proxy_set_header X-Real-IP $remote_addr;`
			`# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`
			`# proxy_set_header X-Forwarded-Proto $scheme;`
			`#`
			`# proxy_pass http://vaultwarden-default;`
			`# }`

			`# location /notifications/hub {`
			`# proxy_http_version 1.1;`
			`# proxy_set_header Upgrade $http_upgrade;`
			`# proxy_set_header Connection "upgrade";`

			`# proxy_set_header Host $host;`
			`# proxy_set_header X-Real-IP $remote_addr;`
			`# proxy_set_header Forwarded $remote_addr;`
			`# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`
			`# proxy_set_header X-Forwarded-Proto $scheme;`

			`# proxy_pass http://vaultwarden-ws;`
			`# }`

			`# Optionally add extra authentication besides the ADMIN_TOKEN`
			# Remove the comments below `#` and create the htpasswd_file to have it active
			`#`
			`#location /admin {`
			`# # See: https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/`
			`# auth_basic "Private";`
			`# auth_basic_user_file /path/to/htpasswd_file;`
			`#`
			`# proxy_http_version 1.1;`
			`# proxy_set_header "Connection" "";`
			`#`
			`# proxy_set_header Host $host;`
			`# proxy_set_header X-Real-IP $remote_addr;`
			`# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`
			`# proxy_set_header X-Forwarded-Proto $scheme;`
			`#`
			`# proxy_pass http://vaultwarden-default;`
			`#}`
			`}`