master
91
parent
efef58c4af
commit
5d1ab7d912
@ -0,0 +1,3 @@
|
||||
# Calculate format=samba path=/var/calculate name=#-cut(1)-# grep(/var/calculate/ini.env,\[nginx\])== protected
|
||||
[nginx]
|
||||
zigbee2mqtt_subpath = #-rnd(pas,32)-#
|
@ -1,49 +1,54 @@
|
||||
# Calculate path=/etc/nginx/sites-enabled exists(/etc/nginx/sites-enabled/#-cut()-#)== comment=#
|
||||
# Calculate path=/etc/nginx/sites-enabled exists(/etc/nginx/sites-enabled/#-cut()-#)== exists(/var/calculate/www/homeassistant/homeassistant-live)!= comment=#
|
||||
map $http_upgrade $connection_upgrade {
|
||||
default upgrade;
|
||||
'' close;
|
||||
}
|
||||
#?ini(homeassistant.protocol)==https#
|
||||
server {
|
||||
listen 80;
|
||||
server_name #-ini(homeassistant.domain)-#;
|
||||
return 301 https://#-ini(homeassistant.domain)-#$request_uri;
|
||||
}
|
||||
#ini#
|
||||
|
||||
server {
|
||||
server_name #-ini(homeassistant.domain)-#;
|
||||
|
||||
#?ini(homeassistant.protocol)==https#
|
||||
ssl_certificate /var/calculate/ssl/fullchain.pem;
|
||||
ssl_certificate_key /var/calculate/ssl/privkey.pem;
|
||||
|
||||
listen 443 ssl;
|
||||
#!ini#
|
||||
listen 80;
|
||||
#ini#
|
||||
|
||||
# Home Assistant
|
||||
location / {
|
||||
proxy_pass "http://127.0.0.1:8123";
|
||||
proxy_connect_timeout 60;
|
||||
proxy_pass http://127.0.0.1:8123;
|
||||
proxy_set_header Host $host;
|
||||
proxy_redirect http:// https://;
|
||||
proxy_http_version 1.1;
|
||||
proxy_intercept_errors off;
|
||||
proxy_read_timeout 60;
|
||||
proxy_send_timeout 60;
|
||||
proxy_set_header Connection $connection_upgrade;
|
||||
proxy_set_header Host $http_host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header Connection $connection_upgrade;
|
||||
}
|
||||
|
||||
# Zigbee2MQTT
|
||||
location /#-ini(nginx.zigbee2mqtt_subpath)-#/ {
|
||||
proxy_pass http://localhost:8080/;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
|
||||
location /#-ini(nginx.zigbee2mqtt_subpath)-#/api {
|
||||
proxy_pass http://localhost:8080/api;
|
||||
proxy_set_header Host $host;
|
||||
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
server_name #-ini(homeassistant.domain)-#;
|
||||
|
||||
ssl_certificate /var/calculate/ssl/fullchain.pem;
|
||||
ssl_certificate_key /var/calculate/ssl/privkey.pem;
|
||||
|
||||
listen 443 ssl;
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
|
||||
ssl_protocols TLSv1.2;
|
||||
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
|
||||
proxy_buffering off;
|
||||
|
||||
location / {
|
||||
proxy_pass http://127.0.0.1:8123;
|
||||
proxy_set_header Host $host;
|
||||
proxy_redirect http:// https://;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection $connection_upgrade;
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in new issue