pinecrypt-gateway-frontend/templates/snippets/nginx-https-site.conf


server {
    listen 80;
    server_name {{ common_name }};
    rewrite ^ https://{{ common_name }}\$request_uri?;
}

server {
    root /var/www/html;
    add_header X-Frame-Options "DENY";
    add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
    listen 443 ssl;
    server_name $NAME;
    client_max_body_size 10G;
    ssl_certificate {{certificate_path}};
    ssl_certificate_key {{key_path}};
    ssl_client_certificate {{authority_path}};

    # Uncomment following to enable mutual authentication with certificates
    #ssl_crl {{revocations_path}};
    #ssl_verify_client on;

    location ~ \.php\$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/run/php5-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param REMOTE_USER \$ssl_client_s_dn_cn;
        include fastcgi_params;
    }
}
Initial commit 2021-05-27 10:15:46 +00:00
			`server {`
			`listen 80;`
			`server_name {{ common_name }};`
			`rewrite ^ https://{{ common_name }}\$request_uri?;`
			`}`

			`server {`
			`root /var/www/html;`
			`add_header X-Frame-Options "DENY";`
			`add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";`
			`listen 443 ssl;`
			`server_name $NAME;`
			`client_max_body_size 10G;`
			`ssl_certificate {{certificate_path}};`
			`ssl_certificate_key {{key_path}};`
			`ssl_client_certificate {{authority_path}};`

			`# Uncomment following to enable mutual authentication with certificates`
			`#ssl_crl {{revocations_path}};`
			`#ssl_verify_client on;`

			`location ~ \.php\$ {`
			`fastcgi_split_path_info ^(.+\.php)(/.+)$;`
			`fastcgi_pass unix:/run/php5-fpm.sock;`
			`fastcgi_index index.php;`
			`fastcgi_param REMOTE_USER \$ssl_client_s_dn_cn;`
			`include fastcgi_params;`
			`}`
			`}`