pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
+env ALLOW_HTTP;
+
events {
worker_connections 768;
# multi_accept on;
include /etc/nginx/mime.types;
default_type application/octet-stream;
+ perl_set $allow_http 'sub { return $ENV{"ALLOW_HTTP"}; }';
+
server { # simple reverse-proxy
- listen 8085;
+ listen 8085;
listen [::]:8085;
+ server_name localhost;
+ if ($allow_http != true) {
+ return 444;
+ }
+
+ # serve dynamic requests
+ location / {
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_pass http://localhost:2222;
+ }
+ }
+
+ server { # simple reverse-proxy
listen 8185 ssl;
listen [::]:8185 ssl;
server_name localhost;
# serve dynamic requests
location / {
- proxy_pass http://localhost:2222;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_pass http://localhost:2222;
}
}
##