liusc

Members
  • Posts

    1
  • Joined

  • Last visited

liusc's Achievements

Noob

Noob (1/14)

0

Reputation

  1. Currently i try to convert nginx conf to apache conf, anyone could help on below: nginx conf: server { listen 80; listen [::]:80; server_name dock-ss.lab.sss.com.my; location / { return 301 https://$server_name$request_uri; } } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name dock-ss.lab.sss.com.my; include /etc/nginx/snippets/ssl.conf; include /etc/nginx/snippets/secure_header.conf; add_header X-Frame-Options SAMEORIGIN; location /v2 { # Do not allow connections from docker 1.5 and earlier # docker pre-1.6.0 did not properly set the user agent on ping, catch "Go *" user agents if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) { return 404; } client_max_body_size 0; proxy_pass http://127.0.0.1:5000/v2; proxy_set_header Host $http_host; # required for docker client's sake proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_read_timeout 900; } location /auth { proxy_pass http://127.0.0.1:5001/auth; proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } } ssl.conf: ssl_certificate /etc/pki/tls/certs/wildcard.lab.sss.com.my.crt; ssl_certificate_key /etc/pki/tls/private/wildcard.lab.sss.com.my.key; ssl_session_timeout 180m; ssl_session_cache shared:SSL:10m; ssl_session_tickets off; ssl_protocols TLSv1.2; ssl_dhparam /etc/nginx/cert/dhparam.pem; ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DHE+AES128:!ADH:!AECDH:!MD5; ssl_ecdh_curve secp384r1; ssl_prefer_server_ciphers on; ssl_stapling on; ssl_stapling_verify on;