...
| Code Block | ||
|---|---|---|
| ||
server {
listen 443 ssl http2;
server_name biblioteka-miejska.sowa.pl;
root /dev/null;
ssl_certificate /etc/letsencrypt/live/biblioteka-miejska.sowa.pl/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/biblioteka-miejska.sowa.pl/privkey.pem;
keepalive_timeout 10m;
access_log /var/log/nginx/biblioteka-miejska.sowa.pl-access.log;
location / {
client_max_body_size 8m;
proxy_pass http://opac;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Port 443;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_request_buffering off;
add_header Content-Security-Policy "default-src 'self' data: 'unsafe-inline'; script-src 'self' data: 'unsafe-inline' 'unsafe-eval' www.google.com www.gstatic.com www.googletagmanager.com; connect-src 'self' www.googletagmanager.com; frame-src 'self' www.google.com; img-src *;";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options SAMEORIGIN;
}
}
|
| Code Block | ||
|---|---|---|
| ||
<VirtualHost *:8080>
DocumentRoot /home/sowa/sowa.opac/public
ServerName biblioteka-miejska.sowa.pl
DirectoryIndex index.php
ErrorLog /var/log/apache2/biblioteka-miejska.sowa.pl-error.log
TransferLog /var/log/apache2/biblioteka-miejska.sowa.pl-access.log
LogFormat combined
<Directory /home/sowa/sowa.opac/public>
Options SymlinksIfOwnerMatch
AllowOverride AuthConfig FileInfo
Order allow,deny
Allow from all
Require all granted
</Directory>
RewriteEngine on
</VirtualHost>
|
...