[NGINX] Legg til configs for NGINX

2020-04-22 12:10:09 +02:00 · 2020-04-22 12:10:09 +02:00 · b1cf368e5b
commit b1cf368e5b
parent e17f57c3b5
2 changed files with 95 additions and 0 deletions
--- a/NGINX/grafana.conf
+++ b/NGINX/grafana.conf
@ -0,0 +1,48 @@
+server {
+    listen 80;
+    listen [::]:80;
+
+    # Fortell nettleseren at den skal gå til HTTPS-siden i stedet for
+    server_name grafana.hovedprosjekt.no;
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name grafana.hovedprosjekt.no;
+    root /var/www/html;
+
+    # Sertifikat for å ha gyldig HTTPS
+    ssl_certificate /srv/ssl/grafana/fullchain.pem;
+    ssl_certificate_key /srv/ssl/grafana/key.pem;
+
+    server_tokens off;
+
+    # Diverse HTTP headere for bedre sikkerhet
+    add_header X-Frame-Options "SAMEORIGIN";
+    add_header X-XSS-Protection "1; mode=block";
+    add_header X-Content-Type-Options "nosniff";
+    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
+
+    index index.nginx-debian.html index.html index.htm;
+
+    charset utf-8;
+
+    # Fortell NGINX at den skal videresende
+    # forespørsler til loopback på port 3000.
+    location / {
+        proxy_pass http://127.0.0.1:3000;
+        include proxy_params;
+    }
+
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location = /robots.txt  { access_log off; log_not_found off; }
+
+    access_log /var/log/nginx/grafana.hovedprosjekt.no-access.log combined;
+    error_log  /var/log/nginx/grafana.hovedprosjekt.no-error.log error;
+
+    location ~ /\.ht {
+        deny all;
+    }
+}
--- a/NGINX/zabbix.conf
+++ b/NGINX/zabbix.conf
@ -0,0 +1,47 @@
+server {
+    listen 80;
+    listen [::]:80;
+    
+    # Fortell nettleseren at den skal gå til HTTPS-siden i stedet for
+    server_name zabbix.hovedprosjekt.no;
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl http2;
+    listen [::]:443 ssl http2;
+    server_name zabbix.hovedprosjekt.no;
+    root /var/www/html;
+
+    # Sertifikat for å ha gyldig HTTPS
+    ssl_certificate /srv/ssl/zabbix/fullchain.pem;
+    ssl_certificate_key /srv/ssl/zabbix/key.pem;
+
+    server_tokens off;
+    # Diverse HTTP headere for bedre sikkerhet
+    add_header X-Frame-Options "SAMEORIGIN";
+    add_header X-XSS-Protection "1; mode=block";
+    add_header X-Content-Type-Options "nosniff";
+    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
+
+    index index.nginx-debian.html index.html index.htm;
+
+    charset utf-8;
+
+    # Fortell NGINX at den skal videresende
+    # forespørsler til loopback på port 8080.
+    location / {
+        proxy_pass http://127.0.0.1:8080;
+        include proxy_params;
+    }
+
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location = /robots.txt  { access_log off; log_not_found off; }
+
+    access_log /var/log/nginx/zabbix.hovedprosjekt.no-access.log combined;
+    error_log  /var/log/nginx/zabbix.hovedprosjekt.no-error.log error;
+
+    location ~ /\.ht {
+        deny all;
+    }
+}