#workadventure upstream workadventure { server 172.21.0.1:9999; } # HTTP server { listen 80; server_name *.workadventure.domain.tld; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; location / { proxy_redirect off; proxy_pass http://workadventure; } # Add Headers for proxy mode proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header Accept-Encoding ""; # add_header Access-Control-Allow-Origin *; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_http_version 1.1; } server { listen 443 ssl; server_name *.workadventure.domain.tld; # Add Headers for proxy mode proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header Accept-Encoding ""; # add_header Access-Control-Allow-Origin *; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_http_version 1.1; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; # Upload limit and security client_max_body_size 10000m; server_tokens off; # Buffer_size proxy_buffer_size 512k; proxy_buffers 4 512k; proxy_busy_buffers_size 512k; #fastcgi_buffers 16 32k; #fastcgi_buffer_size 64k; #fastcgi_busy_buffers_size 64k; # SSL parameters ssl_session_timeout 30m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # logs access_log /var/log/nginx/workadventure.access.log; error_log /var/log/nginx/workadventure.error.log; # Redirect requests to https location / { proxy_redirect off; proxy_pass http://workadventure; } ssl_certificate /etc/letsencrypt/live/workadventure.domaine.tld/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/workadventure.domaine.tld/privkey.pem; }