Differences

This shows you the differences between two versions of the page.

--- linux:nginx [2021/05/16 00:01] – gsys
+++ linux:nginx [2025/06/05 18:37] (current) – gsys
@@ Line 1: / Line 1: @@
-====== Nginx ======
+====== nginx ======
-===== Reverse Proxy =====
-==== Exchange OWA/EAS ====
+===== Installation =====
+** Optional: Offizielles nginx-Repo hinzufügen** \\
+Datei ''/etc/apt/sources.list.d/nginx.list'' erstellen mit folgendem Inhalt ("bullseye" durch entsprechendes Release ersetzen) erstellen:
+<code>
+deb https://nginx.org/packages/debian/ bullseye nginx
+deb-src https://nginx.org/packages/debian/ bullseye nginx
+</code>
+Ggf. muss der NGNINX-GPG-Key noch installiert werden:
+<code>
+sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys <Key ID aus Fehlermeldung>
+</code>
+** Installation von nginx **
+<code>
+sudo apt update
+sudo apt install nginx
+</code>
+<code>
+sudo systemctl enable --now nginx
+</code>
+===== Konfiguration =====
+** Dateien für die Grundkonfiguration **
+<code>
+/etc/nginx/conf.d/default.conf
+/etc/nginx/nginx.conf
+</code>
+==== Hide version ====
+<code>
+server_tokens off;
+</code>
+''/etc/nginx/nginx.conf''
+<code>
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+    access_log  /var/log/nginx/access.log  main;
+    server_tokens off;
+    sendfile        on;
+    #tcp_nopush     on;
+    keepalive_timeout  65;
+    #gzip  on;
+    include /etc/nginx/conf.d/*.conf;
+}
+</code>
+==== Reverse Proxy ====
+=== LDAPS ===
+<code>
+stream {
+  server {
+    listen 636 ssl;
+    ssl_certificate /etc/nginx/certs/chain.crt;
+    ssl_certificate_key /etc/nginx/certs/private/certificate.key;
+    proxy_pass 192.168.1.123:636;
+    proxy_ssl on;
+    proxy_ssl_verify off;
+  }
+}
+</code>
+=== Exchange OWA/EAS ===
 default.conf (docker)
@@ Line 119: / Line 200: @@
         add_header Strict-Transport-Security "max-age=31536000" always;
-        location /             { proxy_pass https://mail.example.org/owa; }
+        location /             { return 301 https://$host/owa; }
         location /owa          { proxy_pass https://mail.example.org; }
         location /OWA          { proxy_pass https://mail.example.org; }
@@ Line 136: / Line 217: @@
 </code>
+=== Nextcloud ===
+<code>
+upstream cloud.example.com-upstream {
+                        server 192.168.1.234:80;
+}
+server {
+        server_name cloud.example.com;
+        listen 80 ;
+        listen [::]:80 ;
+        access_log /var/log/nginx/access.cloud.example.com.log vhost;
+        location / {
+                return 301 https://$host$request_uri;
+        }
+}
+server {
+        server_name cloud.example.com;
+        listen 443 ssl http2 ;
+        listen [::]:443 ssl http2 ;
+        access_log /var/log/nginx/access.cloud.example.com.log vhost;
+        ssl_session_timeout 5m;
+        ssl_session_cache shared:SSL:50m;
+        ssl_session_tickets off;
+        ssl_certificate /etc/nginx/certs/cloud.example.com.crt;
+        ssl_certificate_key /etc/nginx/certs/private/cloud.example.com.key;
+        ssl_dhparam /etc/nginx/certs/dhparam/dhparam.pem;
+        ssl_stapling on;
+        ssl_stapling_verify on;
+        ssl_trusted_certificate /etc/nginx/certs/cloud.example.com-fullchain.crt;
+        add_header Strict-Transport-Security "max-age=31536000" always;
+        proxy_buffering off;
+        client_max_body_size 64m;
+        location / {
+                proxy_pass http://cloud.example.com-upstream;
+        }
+        location = /.well-known/carddav {
+                return 301 $scheme://$host:$server_port/remote.php/dav;
+        }
+        location = /.well-known/caldav {
+                return 301 $scheme://$host:$server_port/remote.php/dav;
+        }
+}
+</code>
+===== index.html =====
+https://github.com/nginx/nginx/blob/master/docs/html/index.html