mabdalla/sawa-control-panel
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
sawa-control-panel/nginx/sawa-panel.conf

54 lines
1.4 KiB
Text
Raw Permalink Blame History

# Sawa Control Panel — nginx Configuration Snippet
# Path on server: /etc/nginx/conf.d/sawa-panel.conf
server {
# Set this to your server's IP or hostname e.g. 10.0.0.10
listen 443 ssl;
server_name 10.0.0.10;
# Server TLS Certificates
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
# Client Certificate Authentication (mTLS)
ssl_client_certificate /etc/nginx/ssl/ca.crt;
ssl_verify_client on;
# Best practices for security
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_session_timeout 1d;
# Static Frontend
root /var/www/panel;
index index.html;
location / {
try_files $uri $uri/ /index.html;
}
# API Backend Reverse Proxy
location /api/ {
proxy_pass http://127.0.0.1:3001;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# Deny access to . files
location ~ /\. {
deny all;
}
}
# Redirect HTTP to HTTPS
server {
listen 80;
server_name _;
return 301 https://$host$request_uri;
}
Reference in a new issue View git blame Copy permalink