/
Nginx.conf
80 lines (64 loc) · 2.63 KB
/
Nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
# If you change anything in here, reload nginx
# > sudo systemctl reload nginx
server {
# This is the 443 HTTPS block
root /var/www/yourdomain.com.au/html;
index index.html index.htm index.cfm;
server_name yourdomain.com.au www.yourdomain.com.au;
location / {
# Forward the requests on port 443 (SSL) to port 8890
# on localhost which is what the Lucee container is listening on
# because in your docker compose you set port 8890:8888 via your .env file.
# ie host port 8890 maps to container port 8888
# because Tomcat inside the lucee-howto container listens on 8888
proxy_pass http://localhost:8890;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/yourdomain.com.au/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com.au/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
# This is the 80 HTTP block
# This block says: if any traffic comes in on port 80 (http:) for
# either ipv4 or ipv6,
# and for any of the domain names listed in `server_name` below,
# redirect via the 301 to the `https` server
# which the server block above will handle.
if ($host = www.yourdomain.com.au) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = yourdomain.com.au) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name yourdomain.com.au www.yourdomain.com.au;
return 404; # managed by Certbot
}
# For remote MySQL Admin access, if you want to do that.
# This is probably a bit dodgy from a security perspective.
# Remember: If you uncomment this to use it,
# then subsequently restart nginx (not just reload it) you will probably get
# a "port 3307 already in use" error.
# So, if you need to restart, you need to comment this out.
# Then, if you need it, uncomment it then reload nginx.
# server {
# # If you hear any requests to this domain on port 3307,
# # (the MySQL port defined in your .env file),
# # pass that to http://localhost:3307 which is the MySQL container.
# # Callers still need the correct password and you could also
# # user a new mysql user instead of root.
#
# listen 3307;
# listen [::]:3307;
#
# location / {
# proxy_pass http://localhost:3307;
# }
#
# server_name yourdomain.com.au www.yourdomain.com.au;
# return 404;
# }