nginx config server code example

Example 1: nginx config

server {
    listen 80;
    listen [::]:80;
    index index.html index.htm;
    root /usr/share/nginx/html;
    server_name restuwahyu-tech.com www.restuwahyu-tech.com;
    return 301 https://$host$request_uri;
 
    location / {
       proxy_pass http://nodejs:8080;
    }
 
    location ~ /.well-known/acme-challenge{
      allow all;
      root /usr/share/nginx/html;
    }
}
 
server {
     listen 443 ssl http2;
     listen [::]:443 ssl http2;
     server_name restuwahyu-tech.com;
     index index.html index.htm;
     root /usr/share/nginx/html;
 
     access_log /var/logs/nginx/access;
     error_log /var/logs/nginx/error;
 
     ssl_certificate /etc/nginx/ssl/live/restuwahyu-tech.com/fullchain.pem;
     ssl_certificate_key /etc/nginx/ssl/live/restuwahyu-tech.com/privkey.pem;
     ssl_session_timeout 1d;
     ssl_session_cache shared:SSL:10m;
     ssl_session_tickets off;
     ssl_dhparam /etc/nginx/dhparam/dhparam-2048.pem;
     ssl_buffer_size 8k;
     ssl_protocols TLSv1.2 TLSv1.3;
     ssl_prefer_server_ciphers off;
     ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
     ssl_stapling on;
     ssl_stapling_verify on;
 
     add_header X-Frame-Options           "SAMEORIGIN" always;
     add_header X-XSS-Protection          "1; mode=block" always;
     add_header X-Content-Type-Options    "nosniff" always;
     add_header Referrer-Policy           "no-referrer-when-downgrade" always;
     add_header Content-Security-Policy   "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;
     add_header Strict-Transport-Security "max-age=63072000" always;
 
     resolver 9.9.9.9;
     resolver_timeout 2s;
 
     location / {
      proxy_pass http://nodejs:8080;
    }

Example 2: How to Configure NGINX

1. Directives, Blocks, and Contexts
File: /etc/nginx/nginx.conf
user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

events {
       . . .
}

http {
       . . .
}

2. The http Block
File: /etc/nginx/nginx.conf
http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}
3. Server Blocks
File: /etc/nginx/conf.d/example.com.conf
server {
    listen         80 default_server;
    listen         [::]:80 default_server;
    server_name    example.com www.example.com;
    root           /var/www/example.com;
    index          index.html;
    try_files $uri /index.html;
}
4. Listening Ports
File: /etc/nginx/conf.d/example.com.conf
server_name   example.com www.example.com;
5. Location Blocks
location / { }
location /images/ { }
location /blog/ { }
location /planet/ { }
location /planet/blog/ { }

6. Location Root and Index
location / {
    root html;
    index index.html index.htm;
}

Tags:

Misc Example