fachinformatiker-wiki

it's easy when it's here

User Tools

Site Tools

Trace:
linux:nginx

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
linux:nginx [2021/11/03 18:05] – [Installation] gsyslinux:nginx [2025/06/05 18:37] (current) gsys
Line 1: Line 1:
-====== NGINX ======+====== nginx ======
  
 ===== Installation ===== ===== Installation =====
  
-** Optional: Offizielles NGINX-Repo hinzufügen** \\+** Optional: Offizielles nginx-Repo hinzufügen** \\
  
 Datei ''/etc/apt/sources.list.d/nginx.list'' erstellen mit folgendem Inhalt ("bullseye" durch entsprechendes Release ersetzen) erstellen: Datei ''/etc/apt/sources.list.d/nginx.list'' erstellen mit folgendem Inhalt ("bullseye" durch entsprechendes Release ersetzen) erstellen:
Line 16: Line 16:
 </code> </code>
  
-** Installation von NGINX **+** Installation von nginx **
 <code> <code>
 sudo apt update sudo apt update
Line 30: Line 30:
 /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf
 /etc/nginx/nginx.conf /etc/nginx/nginx.conf
 +</code>
 +
 +
 +==== Hide version ====
 +
 +<code>
 +server_tokens off;
 +</code>
 +
 +''/etc/nginx/nginx.conf''
 +<code>
 +http {
 +    include       /etc/nginx/mime.types;
 +    default_type  application/octet-stream;
 +
 +    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
 +                      '$status $body_bytes_sent "$http_referer" '
 +                      '"$http_user_agent" "$http_x_forwarded_for"';
 +
 +    access_log  /var/log/nginx/access.log  main;
 +
 +    server_tokens off;
 +
 +    sendfile        on;
 +    #tcp_nopush     on;
 +
 +    keepalive_timeout  65;
 +
 +    #gzip  on;
 +
 +    include /etc/nginx/conf.d/*.conf;
 +}
 </code> </code>
  
 ==== Reverse Proxy ==== ==== Reverse Proxy ====
  
 +=== LDAPS ===
  
 +<code>
 +stream {
 +  server {
 +    listen 636 ssl;
 +
 +    ssl_certificate /etc/nginx/certs/chain.crt;
 +    ssl_certificate_key /etc/nginx/certs/private/certificate.key;
 +
 +    proxy_pass 192.168.1.123:636;
 +    proxy_ssl on;
 +    proxy_ssl_verify off;
 +  }
 +}
 +</code>
  
-FIXME +=== Exchange OWA/EAS ===
-==== Exchange OWA/EAS ====+
  
 default.conf (docker) default.conf (docker)
Line 171: Line 217:
  
 </code> </code>
 +
 +=== Nextcloud ===
 +
 +<code>
 +upstream cloud.example.com-upstream {
 +                        server 192.168.1.234:80;
 +}
 +server {
 +        server_name cloud.example.com;
 +        listen 80 ;
 +        listen [::]:80 ;
 +        access_log /var/log/nginx/access.cloud.example.com.log vhost;
 +        location / {
 +                return 301 https://$host$request_uri;
 +        }
 +}
 +server {
 +        server_name cloud.example.com;
 +        listen 443 ssl http2 ;
 +        listen [::]:443 ssl http2 ;
 +        access_log /var/log/nginx/access.cloud.example.com.log vhost;
 +        ssl_session_timeout 5m;
 +        ssl_session_cache shared:SSL:50m;
 +        ssl_session_tickets off;
 +        ssl_certificate /etc/nginx/certs/cloud.example.com.crt;
 +        ssl_certificate_key /etc/nginx/certs/private/cloud.example.com.key;
 +        ssl_dhparam /etc/nginx/certs/dhparam/dhparam.pem;
 +        ssl_stapling on;
 +        ssl_stapling_verify on;
 +        ssl_trusted_certificate /etc/nginx/certs/cloud.example.com-fullchain.crt;
 +        add_header Strict-Transport-Security "max-age=31536000" always;
 +        proxy_buffering off;
 +        client_max_body_size 64m;
 +        location / {
 +                proxy_pass http://cloud.example.com-upstream;
 +        }
 +        location = /.well-known/carddav {
 +                return 301 $scheme://$host:$server_port/remote.php/dav;
 +        }
 +        location = /.well-known/caldav {
 +                return 301 $scheme://$host:$server_port/remote.php/dav;
 +        }
 +}
 +</code>
 +
 +===== index.html =====
 +https://github.com/nginx/nginx/blob/master/docs/html/index.html
linux/nginx.1635959142.txt.gz · Last modified: 2024/02/17 19:03 (external edit)