|
server {
|
|
listen [::]:80;
|
|
server_name www.rtg.in.ua blog.rtg.in.ua;
|
|
rewrite ^ http://rtg.in.ua$request_uri? permanent;
|
|
}
|
|
|
|
upstream wordpress {
|
|
server 91.209.206.62:80;
|
|
}
|
|
|
|
proxy_cache cache;
|
|
|
|
server {
|
|
include proxy_params;
|
|
|
|
# sites-available/default should also have listen directive changed
|
|
# for IPv6 & IPv4 to work to
|
|
# listen [::]:80 default_server;
|
|
listen [::]:80;
|
|
server_name rtg.in.ua;
|
|
|
|
access_log /var/log/nginx/rtg-in-ua.access.log;
|
|
|
|
location / {
|
|
proxy_pass http://wordpress;
|
|
proxy_cache_valid 404 1m;
|
|
|
|
# we should not serve cached version if we have one of these cookies
|
|
if ($http_cookie ~* "wordpress|comment_author|wp-postpass_") {
|
|
set $bypass_cache 1;
|
|
}
|
|
|
|
proxy_cache_bypass $bypass_cache;
|
|
}
|
|
|
|
# These are completely static and can be shared between
|
|
# HTTP and HTTPS virtual hosts
|
|
location ~* \.(jpg|jpeg|png|gif|css|js|mp3|wav|swf|ogg|txt) {
|
|
proxy_cache_key $host$request_uri;
|
|
proxy_cache_valid 200 120m;
|
|
# 30 days
|
|
expires 2592000;
|
|
proxy_pass http://wordpress;
|
|
}
|
|
|
|
location ~* (^|\/)feed\/ {
|
|
proxy_cache_valid 200 60m;
|
|
proxy_pass http://wordpress;
|
|
}
|
|
|
|
}
|
|
|
|
# HTTPS server
|
|
# We allow all interaction to happen over HTTPS too.
|
|
server {
|
|
listen [::]:443;
|
|
server_name rtg.in.ua;
|
|
include proxy_params;
|
|
|
|
ssl on;
|
|
ssl_certificate /etc/ssl/certs/rtg-in-ua.crt;
|
|
ssl_certificate_key /etc/ssl/private/server.key;
|
|
|
|
ssl_session_timeout 5m;
|
|
|
|
ssl_protocols SSLv2 SSLv3 TLSv1;
|
|
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
|
|
ssl_prefer_server_ciphers on;
|
|
|
|
access_log /var/log/nginx/rtg-in-ua.access.log;
|
|
|
|
location / {
|
|
proxy_cache cache;
|
|
proxy_cache_valid 404 1m;
|
|
|
|
if ($http_cookie ~* "wordpress|comment_author|wp-postpass_") {
|
|
set $bypass_cache 1;
|
|
}
|
|
|
|
proxy_cache_bypass $bypass_cache;
|
|
proxy_pass http://wordpress;
|
|
}
|
|
|
|
location ~* ^(wp-admin|wp-login) {
|
|
proxy_pass http://wordpress;
|
|
}
|
|
|
|
location ~* \.(jpg|jpeg|png|gif|css|js|mp3|wav|swf|ogg|txt) {
|
|
proxy_cache_key $host$request_uri;
|
|
proxy_cache_valid 200 120m;
|
|
expires 2592000;
|
|
proxy_pass http://wordpress;
|
|
}
|
|
|
|
location ~* (^|\/)feed\/ {
|
|
proxy_cache_valid 200 60m;
|
|
proxy_cache cache;
|
|
proxy_pass http://wordpress;
|
|
}
|
|
}
|