safebox/proxy-scheduler
7
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fixing ssl redirection in ngnix config create script.

Browse Source
This commit is contained in:
Gyorgy Berenyi
2021-10-05 18:50:13 +00:00
parent 63a4496e5f
commit 056e907622
1 changed files with 28 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
scripts/nginx_config_create.sh
View File

@@ -81,24 +81,17 @@ if [[ $HTTPS_PORT != "" ]]; then
echo "server {
listen $HTTPS_PORT ssl;
server_name $DOMAIN_NAME;
rewrite_log on;"
if [[ $REDIRECT_HTTPS != "" ]]; then
echo "return 301 $REDIRECT_HTTPS;"
else
echo "proxy_ssl_server_name on;
rewrite_log on;
proxy_ssl_server_name on;
ssl_dhparam /etc/ssl/keys/$DOMAIN/dhparam.pem;
ssl_certificate /etc/ssl/keys/$DOMAIN/fullchain.pem;
ssl_certificate_key /etc/ssl/keys/$DOMAIN/key.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "'"EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"'";
# Hardening as-per https://gist.github.com/plentz/6737338
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 5m;
ssl_stapling on;"
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 5m;
ssl_stapling on;"
if [[ $ERROR_PAGE != "" && $HTTPS_PORT != "" ]]; then
@@ -111,6 +104,9 @@ location = /$ERROR_PAGE {
}"
fi
if [[ $REDIRECT_HTTPS != "" ]]; then
echo "return 301 $REDIRECT_HTTPS;"
else
echo "location / {"
if [[ $HTTP_PORT != "" ]]; then