transmission https nginx
https://forum.transmissionbt.com/viewtopic.php?f=3&t=8163
http://www.cyberciti.biz/faq/nginx-self-signed-certificate-tutorial-on-centos-redhat-linux/
worker_processes 1;
error_log /var/log/nginx/error_log info;
events {
worker_connections 1024;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main
'$remote_addr - $remote_user [$time_local] '
'"$request" $status $bytes_sent '
'"$http_referer" "$http_user_agent" '
'"$gzip_ratio"';
client_header_timeout 10m;
client_body_timeout 10m;
send_timeout 10m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 4 2k;
request_pool_size 4k;
gzip on;
gzip_min_length 1100;
gzip_buffers 4 8k;
gzip_types text/plain;
output_buffers 1 32k;
postpone_output 1460;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 75 20;
ignore_invalid_headers on;
index index.html;
server {
listen 127.0.0.1;
server_name localhost;
access_log /var/log/nginx/localhost.access_log main;
error_log /var/log/nginx/localhost.error_log info;
root /var/www/localhost/htdocs;
}
# SSL example
#server {
# listen 127.0.0.1:443;
# server_name localhost;
# ssl on;
# ssl_certificate /etc/ssl/nginx/nginx.pem;
# ssl_certificate_key /etc/ssl/nginx/nginx.key;
# access_log /var/log/nginx/localhost.ssl_access_log main;
# error_log /var/log/nginx/localhost.ssl_error_log info;
# root /var/www/localhost/htdocs;
#}
server {
listen 9092;
server_name localhost;
ssl on;
ssl_certificate /etc/nginx/ssl/self-ssl.crt;
ssl_certificate_key /etc/nginx/ssl/self-ssl.key;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect false;
proxy_pass http://127.0.0.1:9091;
}
}
}
mkdir cd /etc/nginx/ssl/
http://www.cyberciti.biz/faq/nginx-self-signed-certificate-tutorial-on-centos-redhat-linux/
~ # cat /etc/nginx/nginx.conf
user nginx nginx;worker_processes 1;
error_log /var/log/nginx/error_log info;
events {
worker_connections 1024;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main
'$remote_addr - $remote_user [$time_local] '
'"$request" $status $bytes_sent '
'"$http_referer" "$http_user_agent" '
'"$gzip_ratio"';
client_header_timeout 10m;
client_body_timeout 10m;
send_timeout 10m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 4 2k;
request_pool_size 4k;
gzip on;
gzip_min_length 1100;
gzip_buffers 4 8k;
gzip_types text/plain;
output_buffers 1 32k;
postpone_output 1460;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 75 20;
ignore_invalid_headers on;
index index.html;
server {
listen 127.0.0.1;
server_name localhost;
access_log /var/log/nginx/localhost.access_log main;
error_log /var/log/nginx/localhost.error_log info;
root /var/www/localhost/htdocs;
}
# SSL example
#server {
# listen 127.0.0.1:443;
# server_name localhost;
# ssl on;
# ssl_certificate /etc/ssl/nginx/nginx.pem;
# ssl_certificate_key /etc/ssl/nginx/nginx.key;
# access_log /var/log/nginx/localhost.ssl_access_log main;
# error_log /var/log/nginx/localhost.ssl_error_log info;
# root /var/www/localhost/htdocs;
#}
server {
listen 9092;
server_name localhost;
ssl on;
ssl_certificate /etc/nginx/ssl/self-ssl.crt;
ssl_certificate_key /etc/nginx/ssl/self-ssl.key;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect false;
proxy_pass http://127.0.0.1:9091;
}
}
}
Generating SSL Certificate
mkdir cd /etc/nginx/ssl/
cd /etc/nginx/ssl/
openssl genrsa -des3 -out self-ssl.key 2048
openssl req -new -key self-ssl.key -out self-ssl.csr
cp -v self-ssl.{key,original}
openssl rsa -in self-ssl.original -out self-ssl.key
rm -v self-ssl.original
openssl x509 -req -days 365 -in self-ssl.csr -signkey self-ssl.key -out self-ssl.crt
Comments
Post a Comment