From 3071173f0eae3260ba1d623eb2e418f03754cf17 Mon Sep 17 00:00:00 2001 From: Christian Schnidrig Date: Mon, 2 Jan 2023 18:06:46 +0100 Subject: [PATCH] new nginx config --- roles/openhab/tasks/nginx.yml | 3 ++- roles/openhab/templates/nginx.conf.2.j2 | 24 ++++++++++++++++++++++++ 2 files changed, 26 insertions(+), 1 deletion(-) create mode 100644 roles/openhab/templates/nginx.conf.2.j2 diff --git a/roles/openhab/tasks/nginx.yml b/roles/openhab/tasks/nginx.yml index 8fa32f7..a2bef3a 100644 --- a/roles/openhab/tasks/nginx.yml +++ b/roles/openhab/tasks/nginx.yml @@ -10,7 +10,8 @@ - name: create nginx config template: - src: nginx.conf.j2 + # src: nginx.conf.j2 + src: nginx.conf.2.j2 dest: "/etc/nginx/sites-available/openhab.conf" owner: root group: root diff --git a/roles/openhab/templates/nginx.conf.2.j2 b/roles/openhab/templates/nginx.conf.2.j2 new file mode 100644 index 0000000..5083ee5 --- /dev/null +++ b/roles/openhab/templates/nginx.conf.2.j2 @@ -0,0 +1,24 @@ +server { + listen [::]:80 ipv6only=off; + listen [::]:443 ipv6only=off ssl; + server_name open-hab.dynv6.net; + + ssl_certificate /etc/nginx/ssl/nginx.crt; + ssl_certificate_key /etc/nginx/ssl/nginx.key; + + location / { + proxy_pass http://localhost:8080/; + proxy_buffering off; # openHAB supports non-buffering specifically for SSEs now + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + + auth_basic "Openhab"; + auth_basic_user_file /etc/nginx/htpasswd; + } + location /.well-known/acme-challenge/ { + root /var/www/html; + } + +}