You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
51 lines
1.6 KiB
51 lines
1.6 KiB
# Calculate path=/etc/nginx/sites-enabled exists(/etc/nginx/sites-enabled/#-cut()-#)== comment=#
|
|
map $http_upgrade $connection_upgrade {
|
|
default upgrade;
|
|
'' close;
|
|
}
|
|
|
|
server {
|
|
# These shouldn't need to be changed
|
|
listen 80 default_server;
|
|
#return 301 https://$host$request_uri;
|
|
}
|
|
|
|
server {
|
|
# Update this line to be your domain
|
|
#server_name home.example.org;
|
|
|
|
access_log /var/log/nginx/homeassistant.access_log main;
|
|
error_log /var/log/nginx/homeassistant.error_log info;
|
|
|
|
# Ensure these lines point to your SSL certificate and key
|
|
ssl_certificate /etc/nginx/ssl/homeassistant/fullchain.pem;
|
|
ssl_certificate_key /etc/nginx/ssl/homeassistant/privkey.pem;
|
|
|
|
# Ensure this line points to your dhparams file
|
|
# ssl_dhparam /etc/nginx/ssl/dhparams.pem;
|
|
|
|
|
|
# These shouldn't need to be changed
|
|
# listen [::]:443 ssl default_server ipv6only=off; # if your nginx version is >= 1.9.5 you can also add the "http2" flag here
|
|
listen 443 ssl default_server; # if your nginx version is >= 1.9.5 you can also add the "http2" flag here
|
|
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
|
|
|
|
ssl_protocols TLSv1.2;
|
|
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
|
|
ssl_prefer_server_ciphers on;
|
|
ssl_session_cache shared:SSL:10m;
|
|
|
|
proxy_buffering off;
|
|
|
|
location / {
|
|
proxy_pass http://127.0.0.1:8123;
|
|
proxy_set_header Host localhost;
|
|
#proxy_set_header Host $host;
|
|
proxy_redirect http:// https://;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
}
|
|
}
|