Services/NGINX/grafana.conf

48 lines
1.4 KiB
Plaintext
Raw Normal View History

2020-04-22 12:10:09 +02:00
server {
listen 80;
listen [::]:80;
# Fortell nettleseren at den skal gå til HTTPS-siden i stedet for
server_name grafana.hovedprosjekt.no;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name grafana.hovedprosjekt.no;
root /var/www/html;
# Sertifikat for å ha gyldig HTTPS
ssl_certificate /srv/ssl/grafana/fullchain.pem;
ssl_certificate_key /srv/ssl/grafana/key.pem;
server_tokens off;
# Diverse HTTP headere for bedre sikkerhet
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
index index.nginx-debian.html index.html index.htm;
charset utf-8;
# Fortell NGINX at den skal videresende
# forespørsler til loopback på port 3000.
location / {
proxy_pass http://127.0.0.1:3000;
include proxy_params;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log /var/log/nginx/grafana.hovedprosjekt.no-access.log combined;
error_log /var/log/nginx/grafana.hovedprosjekt.no-error.log error;
location ~ /\.ht {
deny all;
}
}