Nginx.md

You should look at the following URL's in order to grasp a solid understanding

of Nginx configuration files in order to fully unleash the power of Nginx.

http://wiki.nginx.org/Pitfalls

http://wiki.nginx.org/QuickStart

http://wiki.nginx.org/Configuration

Generally, you will want to move this file somewhere, and start with a clean

file but keep this around for reference. Or just disable in sites-enabled.

Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.

Default server configuration

#server {

listen 80 default_server;

listen [::]:80 default_server;

# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;

root /var/www/html;

# Add index.php to the list if you are using PHP

index index.html index.htm index.nginx-debian.html;

server_name _;

location / {

	# First attempt to serve request as file, then
	# as directory, then fall back to displaying a 404.

try_files $uri $uri/ =404;

}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
#	include snippets/fastcgi-php.conf;
#
#	# With php7.0-cgi alone:
#	fastcgi_pass 127.0.0.1:9000;
#	# With php7.0-fpm:
#	fastcgi_pass unix:/run/php/php7.0-fpm.sock;
#}

# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
#	deny all;
#}

#}

Virtual Host configuration for example.com

You can move that to a different file under sites-available/ and symlink that

to sites-enabled/ to enable it.

#server {

listen 80;

listen [::]:80;

server_name example.com;

root /var/www/example.com;

index index.html;

location / {

try_files $uri $uri/ =404;

}

#}

server { #server_name 18.139.37.48; server_name edposapi.bbcpool.io; location / { proxy_pass http://localhost:5000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection keep-alive; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; }

listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/edposapi.bbcpool.io/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/edposapi.bbcpool.io/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

server { #server_name 18.139.37.48; server_name edposapi-test.bbcpool.io; location / { proxy_pass http://localhost:8888; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection keep-alive; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; }

listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/edposapi-test.bbcpool.io/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/edposapi-test.bbcpool.io/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

server { listen 80 default_server; # listen [::]:80 default_server deferred; return 444; }

server { if ($host = edposapi.bbcpool.io) { return 301 https://$host$request_uri; } # managed by Certbot

listen        80;
server_name    edposapi.bbcpool.io;
return 404; # managed by Certbot

}

server { if ($host = edposapi-test.bbcpool.io) { return 301 https://$host$request_uri; } # managed by Certbot

listen        80;
server_name    edposapi-test.bbcpool.io;
return 404; # managed by Certbot

}