Hello,
I am using a dedicated server ubuntu 22.04
It is running HestiaCP

HestiaCP uses Nginx to proxy and cache and Apache to serve the html.

As far as I understand, it is suggested that I terminate the ssl at the Nginx and send the request through
to Apache2 on port 8080

As HestiaCP has difficulty managing wildcard sub-domains, I have set up the the certificates
with certbot and need to edit the config file.


server {
server {
listen 78.110.163.102:443;
server_name gldn.page *.gldn.page;
ssl_certificate /etc/letsencrypt/live/gldn.page/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/gldn.page/privkey.pem;
ssl_stapling on;
ssl_stapling_verify on;
error_log /var/log/nginx/domains/gldn.page.error.log

location / {
proxy_pass 78.110.163.102:8080 // to be picked up by apache2

location ~* ^.+\.(%proxy_extensions%)$ {
root %sdocroot%;
access_log /var/log/%web_system%/domains/%domain%.log combined;
access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
expires max;
try_files $uri @fallback;
}
}

location /error/ {
alias %home%/%user%/web/%domain%/document_errors/;
}

location @fallback {
proxy_pass https://%ip%:%web_ssl_port%; WHAT IS THIS FOR ?
}

location ~ /\.(?!well-known\/|file) {
deny all;
return 404;
}

proxy_hide_header Upgrade;

include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*; // Doesn't exist
}


I don't understand what this section is doing ...

location ~* ^.+\.(%proxy_extensions%)$ {
root %sdocroot%;
access_log /var/log/%web_system%/domains/%domain%.log combined;
access_log /var/log/%web_system%/domains/%domain%.bytes bytes;
expires max;
try_files $uri @fallback;


Can someone explain it ?

And are there any errors/improvements I need to make ?

Thanks



Edited 1 time(s). Last edit at 06/09/2022 11:36AM by Dave_London.