File nginx-https.conf of Package rmt-server.8592
upstream rmt {
server 127.0.0.1:4224;
}
server {
listen 443 ssl;
server_name rmt;
access_log /var/log/nginx/rmt_https_access.log;
error_log /var/log/nginx/rmt_https_error.log;
root /usr/share/rmt/public;
ssl_certificate /etc/rmt/ssl/rmt-server.crt;
ssl_certificate_key /etc/rmt/ssl/rmt-server.key;
ssl_protocols TLSv1.2 TLSv1.3;
location / {
try_files $uri/index.html $uri.html $uri @rmt_app;
autoindex off;
}
location /repo {
autoindex on;
}
location @rmt_app {
proxy_pass http://rmt;
proxy_redirect off;
proxy_read_timeout 600;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Real-IP $remote_addr;
}
# An alias to RMT CA certificate, so that it can be downloaded to client machines.
location /rmt.crt {
alias /etc/rmt/ssl/rmt-ca.crt;
}
}
