summaryrefslogtreecommitdiff
path: root/monit/nginx-vhost.conf
diff options
context:
space:
mode:
Diffstat (limited to 'monit/nginx-vhost.conf')
-rw-r--r--monit/nginx-vhost.conf25
1 files changed, 25 insertions, 0 deletions
diff --git a/monit/nginx-vhost.conf b/monit/nginx-vhost.conf
new file mode 100644
index 0000000..1a33323
--- /dev/null
+++ b/monit/nginx-vhost.conf
@@ -0,0 +1,25 @@
+server {
+ listen 443 ssl;
+ server_name monit.example.org
+
+ ssl_certificate /etc/nginx/ssl/example.crt;
+ ssl_certificate_key /etc/nginx/ssl/example.key;
+
+ ssl_prefer_server_ciphers On;
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
+ add_header Strict-Transport-Security max-age=15768000;
+ ssl_session_cache shared:SSL:50m;
+ ssl_session_timeout 10m;
+
+ location / {
+ proxy_pass http://127.0.0.1:2812;
+ proxy_set_header Host 127.0.0.1;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $scheme;
+ add_header Front-End-Https on;
+ }
+
+}
+