user www-data; worker_processes 1; pid /run/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; # the collectd config depends on this log format log_format combined2 '$remote_addr - [$time_local] ' '"$request" $status $body_bytes_sent $request_time ' '"$http_referer" "$http_user_agent"'; # required for long host names server_names_hash_bucket_size 128; access_log access.log combined2; sendfile on; # timeout for client to finish sending headers client_header_timeout 30s; # timeout for reading client request body (successive read timeout and not whole body!) client_body_timeout 60s; # keep-alive connections timeout in 65s. this is because many browsers timeout in 60 seconds keepalive_timeout 65s; # HTTP server server { listen 80; # collectd location /nginx_status { stub_status on; access_log off; allow 127.0.0.1; deny all; } # acme challenges location /.well-known/acme-challenge/ { default_type text/plain; alias /home/yellowtent/data/acme/; } location / { # redirect everything to HTTPS return 301 https://$host$request_uri; } } # This server handles the naked domain for custom domains. # It can also be used for wildcard subdomain 404. This feature is not used by the Cloudron itself # because box always sets up DNS records for app subdomains. server { listen 443 default_server; ssl on; ssl_certificate cert/host.cert; ssl_certificate_key cert/host.key; error_page 404 = @fallback; location @fallback { internal; root /home/yellowtent/box/webadmin/dist; rewrite ^/$ /nakeddomain.html break; } location / { internal; root /home/yellowtent/box/webadmin/dist; rewrite ^/$ /nakeddomain.html break; } # required for /api/v1/cloudron/avatar location /api/ { proxy_pass http://127.0.0.1:3000; client_max_body_size 1m; } } include applications/*.conf; }