atritschler@ecombox-aws:~/ecombox$ cat /etc/nginx/sites-enabled/default ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # https://www.nginx.com/resources/wiki/start/ # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ # https://wiki.debian.org/Nginx/DirectoryStructure # # In most cases, administrators will remove this file from sites-enabled/ and # leave it as reference inside of sites-available where it will continue to be # updated by the nginx packaging team. # # This file will automatically load configuration files provided by other # applications, such as Drupal or Wordpress. These applications will be made # available underneath a path with that package name, such as /drupal8. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## # Default server configuration # server { server_name ecombox-aws.mensa-formation.com; #listen [::]:80 default_server; # SSL configuration # listen 443 ssl; # Chemin vers les certificats (le nom des fichiers certificats est libre) ssl_certificate /etc/letsencrypt/live/ecombox-aws.mensa-formation.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/ecombox-aws.mensa-formation.com/privkey.pem; # managed by Certbot root /var/www/html; index index.html index.htm; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; error_page 404 = @404; return 404; error_page 497 = @497; return 497; } # Pour Odoo sinon les CSS ne sont pas chargés location @404 { add_header Vary Referer; # À répéter pour chaque instance if ($http_referer ~ ://[^/]*(/mensa/).*) { proxy_pass https://127.0.0.1:8800; } } # Pour Odoo avec le HTTPS sinon les CSS ne sont pas chargés location @497 { add_header Vary Referer; # À répéter pour chaque instance if ($http_referer ~ ://[^/]*(/mensa/).*) { proxy_pass https://127.0.0.1:8800; } } location /mensa/ { proxy_pass https://127.0.0.1:8800; proxy_redirect off; } # Config pour bloquer les robots (référencement) # cf https://alanivey.com/posts/2017/robots.txt-disallow-all-with-nginx/ location = /robots.txt { add_header Content-Type text/plain; return 200 "User-agent: *\nDisallow: /\n"; } add_header Strict-Transport-Security "max-age=31536000" always; # managed by Certbot ssl_trusted_certificate /etc/letsencrypt/live/ecombox-aws.mensa-formation.com/chain.pem; # managed by Certbot ssl_stapling on; # managed by Certbot ssl_stapling_verify on; # managed by Certbot } server { if ($host = ecombox-aws.mensa-formation.com) { return 301 https://$host$request_uri; } # managed by Certbot server_name ecombox-aws.mensa-formation.com; listen 80; #listen [::]:80 default_server; # SSL configuration # #listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 # # Read up on ssl_ciphers to ensure a secure configuration. # See: https://bugs.debian.org/765782 # # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # # include snippets/snakeoil.conf; # Chemin vers les certificats (le nom des fichiers certificats est libre) root /var/www/html; index index.html index.htm; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; error_page 404 = @404; return 404; error_page 497 = @497; return 497; } # Pour Odoo sinon les CSS ne sont pas chargés location @404 { add_header Vary Referer; # À répéter pour chaque instance if ($http_referer ~ ://[^/]*(/mensa/).*) { proxy_pass https://127.0.0.1:8800; } } # Pour Odoo avec le HTTPS sinon les CSS ne sont pas chargés location @497 { add_header Vary Referer; # À répéter pour chaque instance if ($http_referer ~ ://[^/]*(/mensa/).*) { proxy_pass https://127.0.0.1:8800; } } location /mensa/ { proxy_pass https://127.0.0.1:8800; proxy_redirect off; } }