oidc-registration-php/misc/reverse-proxy.conf

server {
    server_name authserver.<My Domain Name>;
 
    location / {
        proxy_pass https://127.0.0.1:4444;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    listen <Host IP>:4444 ssl;
}
server {
    server_name idp.<My Domain Name>;
 
    location / {
        proxy_pass https://127.0.0.1:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}
server {
    server_name <My Domain Name>;
 
    root           /var/www/html;

    index index.php;

     ssl_verify_client on;
        ssl_client_certificate /etc/nginx/certs/cas.pem;

	location ~ ^/(.+\.php)$ {
    	fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
    	if (!-f $document_root$fastcgi_script_name) {
        	return 404;
    	}
	include snippets/fastcgi-php.conf;
    	include fastcgi_params;
    	fastcgi_pass unix:/run/php/php8.2-fpm.sock;
    	fastcgi_read_timeout 600s;
    	fastcgi_param PATH_INFO $fastcgi_path_info;
    	fastcgi_intercept_errors on;
    	fastcgi_param PHP_VALUE "memory_limit = 512M
		opcache.validate_root = 1
		post_max_size = 32M
		max_execution_time = 240
		max_input_time = 240
		upload_max_filesize = 16M";
	    client_body_buffer_size 128k;
	    http2_push_preload on;
        fastcgi_param TLS_SUCCESS $ssl_client_verify;
                        fastcgi_param TLS_DN      $ssl_client_s_dn;
                        fastcgi_param TLS_CERT    $ssl_client_cert;
                        fastcgi_param TLS_FP    $ssl_client_fingerprint;
                        fastcgi_param TLS_SER   $ssl_client_serial;
                        fastcgi_param SSL_CLIENT_S_DN   $ssl_client_s_dn;
  }

  # deny access to Apache .htaccess on Nginx with PHP,
  # if Apache and Nginx document roots concur
  location ~ /\.ht {
    deny all;
  }
  
}
Added NGinx configuration file to repository. 2024-09-08 02:45:31 +00:00			`server {`
Added required DNS entries. 2024-09-13 15:23:08 +00:00			`server_name authserver.<My Domain Name>;`
Added NGinx configuration file to repository. 2024-09-08 02:45:31 +00:00
			`location / {`
			`proxy_pass https://127.0.0.1:4444;`
			`proxy_set_header Host $host;`
			`proxy_set_header X-Real-IP $remote_addr;`
			`proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`
			`}`
Minor re-organising of Instructions, correction of INI file and NGinx configuration. 2024-09-19 02:22:16 +00:00
			`listen <Host IP>:4444 ssl;`
Added NGinx configuration file to repository. 2024-09-08 02:45:31 +00:00			`}`
			`server {`
Added required DNS entries. 2024-09-13 15:23:08 +00:00			`server_name idp.<My Domain Name>;`
Added NGinx configuration file to repository. 2024-09-08 02:45:31 +00:00
			`location / {`
			`proxy_pass https://127.0.0.1:3000;`
			`proxy_set_header Host $host;`
			`proxy_set_header X-Real-IP $remote_addr;`
			`proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`
			`}`
			`}`
			`server {`
Added required DNS entries. 2024-09-13 15:23:08 +00:00			`server_name <My Domain Name>;`
Added NGinx configuration file to repository. 2024-09-08 02:45:31 +00:00
			`root /var/www/html;`

			`index index.php;`

			`ssl_verify_client on;`
			`ssl_client_certificate /etc/nginx/certs/cas.pem;`

			`location ~ ^/(.+\.php)$ {`
			`fastcgi_split_path_info ^(.+?\.php)(\|/.*)$;`
			`if (!-f $document_root$fastcgi_script_name) {`
			`return 404;`
			`}`
			`include snippets/fastcgi-php.conf;`
			`include fastcgi_params;`
			`fastcgi_pass unix:/run/php/php8.2-fpm.sock;`
			`fastcgi_read_timeout 600s;`
			`fastcgi_param PATH_INFO $fastcgi_path_info;`
			`fastcgi_intercept_errors on;`
			`fastcgi_param PHP_VALUE "memory_limit = 512M`
			`opcache.validate_root = 1`
			`post_max_size = 32M`
			`max_execution_time = 240`
			`max_input_time = 240`
			`upload_max_filesize = 16M";`
Modified NGINX configuration after further testing. 2024-09-18 01:14:29 +00:00			`client_body_buffer_size 128k;`
			`http2_push_preload on;`
			`fastcgi_param TLS_SUCCESS $ssl_client_verify;`
Added NGinx configuration file to repository. 2024-09-08 02:45:31 +00:00			`fastcgi_param TLS_DN $ssl_client_s_dn;`
			`fastcgi_param TLS_CERT $ssl_client_cert;`
			`fastcgi_param TLS_FP $ssl_client_fingerprint;`
			`fastcgi_param TLS_SER $ssl_client_serial;`
			`fastcgi_param SSL_CLIENT_S_DN $ssl_client_s_dn;`
			`}`

			`# deny access to Apache .htaccess on Nginx with PHP,`
			`# if Apache and Nginx document roots concur`
			`location ~ /\.ht {`
			`deny all;`
			`}`

			`}`