server { listen 80; listen [::]:80; # Fortell nettleseren at den skal gå til HTTPS-siden i stedet for server_name zabbix.hovedprosjekt.no; return 301 https://$host$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name zabbix.hovedprosjekt.no; root /var/www/html; # Sertifikat for å ha gyldig HTTPS ssl_certificate /srv/ssl/zabbix/fullchain.pem; ssl_certificate_key /srv/ssl/zabbix/key.pem; server_tokens off; # Diverse HTTP headere for bedre sikkerhet add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block"; add_header X-Content-Type-Options "nosniff"; add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; index index.nginx-debian.html index.html index.htm; charset utf-8; # Fortell NGINX at den skal videresende # forespørsler til loopback på port 8080. location / { proxy_pass http://127.0.0.1:8080; include proxy_params; } location = /favicon.ico { access_log off; log_not_found off; } location = /robots.txt { access_log off; log_not_found off; } access_log /var/log/nginx/zabbix.hovedprosjekt.no-access.log combined; error_log /var/log/nginx/zabbix.hovedprosjekt.no-error.log error; location ~ /\.ht { deny all; } }