# For more information on configuration, see: # * Official English Documentation: http://nginx.org/en/docs/ # * Official Russian Documentation: http://nginx.org/ru/docs/ user nginx; worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; # Load dynamic modules. See /usr/share/doc/nginx/README.dynamic. include /usr/share/nginx/modules/*.conf; events { worker_connections 1024; } http { log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 4096; include /etc/nginx/mime.types; default_type application/octet-stream; # Load modular configuration files from the /etc/nginx/conf.d directory. # See http://nginx.org/en/docs/ngx_core_module.html#include # for more information. include /etc/nginx/conf.d/*.conf; # Modified for Reverse Proxy IP Hash based (sticky sessions) Load Balancing # to a backend server group (3 servers in this case with 2 of the # servers commented out for now) called backend: upstream backend { ip_hash; server webserver1.mylocaldomain.local; # server webserver2.mylocaldomain.local; # server webserver3.mylocaldomain.local; } # Replace X.X.X.X with the IP address of the OUTSIDE interface: server { listen X.X.X.X:80; # listen X.X.X.X:443 ssl; # IPv6 Addresses use below: # listen [::]:80; # listen [::]:443; # Use "server_name _;" if the server name matches the host name # Otherwise use: server_name http:// ; server_name _; # When using ssl, redirect all Port 80 requests to port 443: # return 301 https://$host$request_uri; # Enable SSL Encryption (also uncomment the listen directive on 443 above) # ssl on; # ssl_certificate /etc/nginx/ssl/example.com/server.crt; # ssl_certificate_key /etc/nginx/ssl/example.com/server.key; # ssl_trusted_certificate /etc/nginx/ssl/example.com/ca-certs.pem; # Location directive binds to the IP address of the INSIDE interface # Replace X.X.X.X with the IP address of your INSIDE interface # This will proxy with appropriate headers for Joomla to the backend # server cluster defined above location / { proxy_bind X.X.X.X; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $host; proxy_pass http://backend; } # Remaining defaults commented out for reverse proxy # root /usr/share/nginx/html; # Load configuration files for the default server block. # include /etc/nginx/default.d/*.conf; # error_page 404 /404.html; # location = /404.html { # } # error_page 500 502 503 504 /50x.html; # location = /50x.html { # } } # Settings for a TLS enabled server. # # server { # listen 443 ssl http2; # listen [::]:443 ssl http2; # server_name _; # root /usr/share/nginx/html; # # ssl_certificate "/etc/pki/nginx/server.crt"; # ssl_certificate_key "/etc/pki/nginx/private/server.key"; # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 10m; # ssl_ciphers PROFILE=SYSTEM; # ssl_prefer_server_ciphers on; # # # Load configuration files for the default server block. # include /etc/nginx/default.d/*.conf; # # error_page 404 /404.html; # location = /40x.html { # } # # error_page 500 502 503 504 /50x.html; # location = /50x.html { # } # } }