server {
server_name netdata.TLD;
add_header Strict-Transport-Security "max-age=7200";
location / {
proxy_pass http://127.0.0.1:19999;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_ignore_client_abort on;
client_max_body_size 10M;
proxy_read_timeout 600s;
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/htpasswd;
}
listen 80; # managed by Certbot
include /etc/nginx/snippets/letsencrypt-acme-challenge.conf;
}