nginx basic settings

/etc/nginx/nginx.conf

  1. https://www.digitalocean.com/community/tutorials/how-to-improve-website-performance-using-gzip-and-nginx-on-ubuntu-20-04
  2. https://www.giftofspeed.com/gzip-test/
# Gzip Settings
gzip_min_length 256
  1. could not build optimal proxy_headers_hash, you should incr
Tags
nginx

htpasswd

  1. openssl passwd -apr1 your_password
  2. echo 'your_username:hashed_password' >> /etc/nginx/.htpasswd
  3. chmod 640 /etc/nginx/.htpasswd
  4. chown root:www-data /etc/nginx/.htpasswd
  5. vim /etc/nginx/sites-available/
location / {
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/.htpasswd;
}

script

#!/bin/zsh
# Script Version: 01
# Description: Prompt for username, generate password, hash it, and save to Nginx .htpasswd

# Set variables
# ========
Tags
nginx
script

nginx peertube

Modify your Nginx configuration to trust the proxy headers. In your server block, add:

/etc/nginx/sites-available/peertube

real_ip_header X-Forwarded-For;
set_real_ip_from 0.0.0.0/0;
Tags
nginx
peertube

proxy_buffers

[error] upstream sent too big header while reading response header from upstream

Tags
nginx

nginx owncloud proxy

upstream owncloud {
    server 10.0.3.IP;
}

server {
    listen 80;
    server_name owncloud.TLD;

    add_header Strict-Transport-Security max-age=31536000;
#    ssl_session_timeout  5m;
    include snippets/letsencrypt-acme-challenge.conf;
 

    location / {
        proxy_pass http://owncloud;
        include proxy_params;

Tags
nginx
owncloud
proxy

nginx phpMyAdmin 

server {
       server_name phpmyadmin.bubuit.net;
       add_header Strict-Transport-Security "max-age=7200";
       location / {
               proxy_pass http://10.0.3.IP;
               include proxy_params;
               proxy_ignore_client_abort on;
               
               auth_basic "Restricted";
               auth_basic_user_file /etc/nginx/htpasswd;
       }
       include /etc/nginx/snippets/letsencrypt-acme-challenge.conf;
   listen 80; # managed by Certbot
}
  1. htpasswd -c /etc/nginx/htpasswd USERNAME

&nbsp

Tags
nginx
MySQL

nginx jitsi proxy

server {
    server_name jitsi.bubuit.net;

    add_header Strict-Transport-Security "max-age=7200";

    location / {
        proxy_pass http://10.0.3.LXC-IP;
        proxy_ignore_client_abort on;
        include    proxy_params;
    }    

Tags
nginx
jitsi
proxy

nginx peertube proxy

server {
    server_name peertube.TLD;

    access_log    off;
    open_log_file_cache max=1000 inactive=20s valid=1m min_uses=2;

    include /etc/nginx/snippets/letsencrypt-acme-challenge.conf;

Tags
nginx
peertube
proxy

nginx netdata

server {
    server_name    netdata.TLD;

    add_header Strict-Transport-Security "max-age=7200";

Tags
nginx
analytics

nginx drupal proxy

server {
    server_name bubuit.net;
#    add_header Strict-Transport-Security "max-age=7200";

    location / {
        proxy_pass http://10.0.3.LXC-IP;
        include proxy_params;
#        proxy_ignore_client_abort on;

Tags
nginx
drupal
proxy

nginx icecast proxy

server {
    server_name webradio.TLD;

    add_header Strict-Transport-Security "max-age=7200";

Tags
nginx
icecast
proxy