novicelab.io/nginx
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove commented out config sections

Browse Source
This commit is contained in:
kbrianngeno
2026-03-20 04:11:20 +00:00
parent 6240de4af5
commit 69ed1a853e
13 changed files with 35 additions and 219 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
data/conf.d/book.conf
View File

@@ -29,22 +29,13 @@ server {
}
server {
listen 443 ssl; #http2;
listen [::]:443 ssl; # http2;
listen 443 ssl;
listen [::]:443 ssl;
server_name book.novicelab.io;
# SSL Certificate paths
ssl_certificate /etc/letsencrypt/live/novicelab.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/novicelab.io/privkey.pem;
# Trusted certificate for OCSP stapling
# ssl_trusted_certificate /etc/nginx/ssl/chain.pem;
# Cloudflare Origin CA certificate for client verification
# Cloudflare Origin CA for authenticated origin pulls (optional)
# Only enable if you want to restrict to Cloudflare only
# ssl_client_certificate /etc/nginx/ssl/client-cert.pem;
# ssl_verify_client on;
# SSL Protocol - TLS 1.2 and 1.3 only
ssl_protocols TLSv1.2 TLSv1.3;
@@ -58,9 +49,6 @@ server {
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
# OCSP Stapling
# ssl_stapling on;
# ssl_stapling_verify on;
resolver 127.0.0.11 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
@@ -72,32 +60,17 @@ server {
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Content-Security-Policy "default-src 'self' https: data: 'unsafe-inline' 'unsafe-eval';" always;
# Diffie-Hellman parameter for DHE ciphersuites
# ssl_dhparam /etc/nginx/ssl/dhparam.pem;
# Logging
access_log /var/log/nginx/book.novicelab.io_access.log json_combined;
error_log /var/log/nginx/book.novicelab.io_error.log debug;
# Root and index
# root /var/www/html;
# index index.html index.htm;
# include /etc/letsencrypt/options-ssl-nginx.conf;
# set $bookstack_backend bookstack:80;
# client_max_body_size 0;
# BookStack (/docs)
location / {
# rewrite ^/docs/(.*) /$1 break;
proxy_pass http://bookstack_backend;
# proxy_pass http://10.0.0.251:6875/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https; #$scheme;
# proxy_redirect / /docs/;
proxy_set_header X-Forwarded-Proto https;
}
}