66 lines
1.9 KiB
Text
66 lines
1.9 KiB
Text
server {
|
|
server_name authserver.<My Domain Name>;
|
|
|
|
location / {
|
|
proxy_pass https://127.0.0.1:4444;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
}
|
|
|
|
listen <Host IP>:4444 ssl;
|
|
}
|
|
server {
|
|
server_name idp.<My Domain Name>;
|
|
|
|
location / {
|
|
proxy_pass https://127.0.0.1:3000;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
}
|
|
}
|
|
server {
|
|
server_name <My Domain Name>;
|
|
|
|
root /var/www/html;
|
|
|
|
index index.php;
|
|
|
|
ssl_verify_client on;
|
|
ssl_client_certificate /etc/nginx/certs/cas.pem;
|
|
|
|
location ~ ^/(.+\.php)$ {
|
|
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
|
|
if (!-f $document_root$fastcgi_script_name) {
|
|
return 404;
|
|
}
|
|
include snippets/fastcgi-php.conf;
|
|
include fastcgi_params;
|
|
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
|
|
fastcgi_read_timeout 600s;
|
|
fastcgi_param PATH_INFO $fastcgi_path_info;
|
|
fastcgi_intercept_errors on;
|
|
fastcgi_param PHP_VALUE "memory_limit = 512M
|
|
opcache.validate_root = 1
|
|
post_max_size = 32M
|
|
max_execution_time = 240
|
|
max_input_time = 240
|
|
upload_max_filesize = 16M";
|
|
client_body_buffer_size 128k;
|
|
http2_push_preload on;
|
|
fastcgi_param TLS_SUCCESS $ssl_client_verify;
|
|
fastcgi_param TLS_DN $ssl_client_s_dn;
|
|
fastcgi_param TLS_CERT $ssl_client_cert;
|
|
fastcgi_param TLS_FP $ssl_client_fingerprint;
|
|
fastcgi_param TLS_SER $ssl_client_serial;
|
|
fastcgi_param SSL_CLIENT_S_DN $ssl_client_s_dn;
|
|
}
|
|
|
|
# deny access to Apache .htaccess on Nginx with PHP,
|
|
# if Apache and Nginx document roots concur
|
|
location ~ /\.ht {
|
|
deny all;
|
|
}
|
|
|
|
}
|