ThatGuyJack/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2025-08-02 23:43:36 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

improve custom locations

Browse Source
This commit is contained in:
Zoey
2024-01-02 02:51:46 +01:00
parent 58d28b9867
commit d1c5808176
3 changed files with 30 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
backend/templates/_location.conf
View File

@@ -1,17 +1,17 @@
location {{ path }} { location {{ path }} {
proxy_set_header Accept-Encoding ""; set $forward_path "{{ forward_path }}";
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_pass {{ forward_scheme }}://{{ forward_host }}:{{ forward_port }}{{ forward_path }};
{% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %} {% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %}
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade; proxy_set_header Connection $connection_upgrade;
{% endif %} {% endif %}
include conf.d/include/proxy-location.conf;
proxy_set_header X-Forwarded-Host $host{{ path }};
if ($forward_path = "") {
rewrite ^{{ path }}(/.*)$ $1 break;
}
proxy_pass {{ forward_scheme }}://{{ forward_host }}:{{ forward_port }}{{ forward_path }};
{{ advanced_config }} {{ advanced_config }}
} }

15
backend/templates/proxy_host.conf
View File

@@ -25,18 +25,18 @@ server {
include conf.d/include/acme-challenge.conf; include conf.d/include/acme-challenge.conf;
include conf.d/include/block-exploits.conf; include conf.d/include/block-exploits.conf;
{% if access_list_id > 0 %}
{% if access_list.items.length > 0 %}
{{ access_list.passauth }}
{% endif %}
{% endif %}
{{ advanced_config }} {{ advanced_config }}
{% if use_default_location %} {% if use_default_location %}
location / { location / {
include conf.d/include/acme-challenge.conf; include conf.d/include/acme-challenge.conf;
{% if access_list_id > 0 %}
{% if access_list.items.length > 0 %}
{{ access_list.passauth }}
{% endif %}
{% endif %}
{% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %} {% if allow_websocket_upgrade == 1 or allow_websocket_upgrade == true %}
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade; proxy_set_header Connection $connection_upgrade;
@@ -44,6 +44,9 @@ server {
# Proxy! # Proxy!
include conf.d/include/proxy.conf; include conf.d/include/proxy.conf;
# custom locations
{{ locations }}
} }
{% endif %} {% endif %}

12
rootfs/usr/local/nginx/conf/conf.d/include/proxy-location.conf Normal file
View File

@@ -0,0 +1,12 @@
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Accept-Encoding "";
proxy_set_header Host $host;
proxy_ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
proxy_ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA;
proxy_http_version 1.1;