From 71158d2b9a7393578724f3e1284428331e826c06 Mon Sep 17 00:00:00 2001
From: David Rotermund <davrot@uni-bremen.de>
Date: Sat, 19 Oct 2024 16:26:37 +0200
Subject: [PATCH] Create nginx.conf

---
 nginx.conf | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100644 nginx.conf

diff --git a/nginx.conf b/nginx.conf
new file mode 100644
index 0000000..d97dcd3
--- /dev/null
+++ b/nginx.conf
@@ -0,0 +1,32 @@
+events {}
+http {
+    server {
+    listen 80 default_server;
+    server_name _;
+    return 301 https://$host$request_uri;
+    }
+
+    server {
+	listen 443 ssl;
+	ssl_certificate      /certs/nginx_certificate.pem;
+	ssl_certificate_key  /certs/nginx_key.pem;
+	ssl_protocols               TLSv1 TLSv1.1 TLSv1.2;
+	ssl_prefer_server_ciphers   on;
+	ssl_ciphers                 EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
+	add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
+	server_tokens off;
+	client_max_body_size 50M;
+
+	location / {
+	    proxy_pass http://server:3000;
+	    proxy_set_header X-Forwarded-Proto $scheme;
+	    proxy_http_version 1.1;
+	    proxy_set_header Upgrade $http_upgrade;
+	    proxy_set_header Connection "upgrade";
+	    proxy_set_header Host $host;
+	    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+	    proxy_read_timeout 3m;
+	    proxy_send_timeout 3m;
+	}
+    }
+}