Nginx – Reverse proxy

 

 

Configuration

Config pour Rocket.Chat

server {
 listen 80;
 listen [::]:80;
 server_name rocketchat.infos-reseau.com;
 location ~ .well-known/acme-challenge {
 root /home/rocketchat/www/;
 default_type text/plain;
 allow all;
 }
 location / {
 return 301 https://$server_name$request_uri;
 }
 }
 server {
 listen 443 ssl;
 server_name rocketchat.infos-reseau.com;
 add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
 ssl on;
 ssl_session_cache builtin:1000 shared:SSL:10m;
 ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
 ## ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
 ssl_certificate /etc/letsencrypt/live/rocketchat.infos-reseau.com/fullchain.pem;
 ssl_certificate_key /etc/letsencrypt/live/rocketchat.infos-reseau.com/privkey.pem;
 location / {
 proxy_pass https://192.168.1.10:3000;
 proxy_http_version 1.1;
 proxy_read_timeout 150;
 proxy_set_header Upgrade $http_upgrade;
 proxy_set_header Connection "upgrade";
 proxy_set_header Host $http_host;
 proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
 proxy_set_header X-Forward-Proto http;
 proxy_set_header X-Nginx-Proxy true;
 proxy_set_header X-Forwarded-Proto $scheme;
 proxy_redirect off;

access_log /var/log/nginx/rocketchatinfos-reseau.com_access.log;
 error_log /var/log/nginx/rocketchatinfos-reseau.com_error.log;

}
 }