Hello,
I am using a dedicated server ubuntu 22.04
It is running HestiaCP
HestiaCP uses Nginx to proxy and cache and Apache to serve the html.
As far as I understand, it is suggested that I terminate the ssl at the Nginx and send the request through
to Apache2 on port 8080
As HestiaCP has difficulty managing wildcard sub-domains, I have set up the the certificates
with certbot and need to edit the config file.
server {
server {
listen 78.110.163.102:443;
server_name gldn.page *.gldn.page;
ssl_certificate /etc/letsencrypt/live/gldn.page/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/gldn.page/privkey.pem;
ssl_stapling on;
ssl_stapling_verify on;
error_log /var/log/nginx/domains/gldn.page.error.log
location / {
proxy_pass 78.110.163.102:8080 // to be picked up by apache2
location ~* ^.+\.(%proxy_extensions%)$ {
root %sdocroot%;
access_log /var/log/%web_system%/domains/%domain%.log combined;
access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
expires max;
try_files $uri @fallback;
}
}
location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}
location @fallback {
proxy_pass https://%ip%:%web_ssl_port%; WHAT IS THIS FOR ?
}
location ~ /\.(?!well-known\/|file) {
deny all;
return 404;
}
proxy_hide_header Upgrade;
include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*; // Doesn't exist
}
I don't understand what this section is doing ...
location ~* ^.+\.(%proxy_extensions%)$ {
root %sdocroot%;
access_log /var/log/%web_system%/domains/%domain%.log combined;
access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
expires max;
try_files $uri @fallback;
Can someone explain it ?
And are there any errors/improvements I need to make ?
Thanks
Edited 1 time(s). Last edit at 06/09/2022 11:36AM by Dave_London.