NginX Configurations

Basic self signed SSL cert

openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout nginx.key -out nginx.crt

Basic reverse proxy config

http

server {
  listen 80;

  # optional, will listen to all without this
  #server_name example.com;

  location / {
      proxy_pass http://localhost:3000/;
  }
}

https

server {
    listen 80;
    return 301 https://$host$request_uri;
}

server {

    listen 443;
    server_name git.example.com

    ssl_certificate           /etc/nginx/pki/cert.crt;
    ssl_certificate_key       /etc/nginx/pki/cert.key;

    ssl on;
    ssl_session_cache  builtin:1000  shared:SSL:10m;
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
    ssl_prefer_server_ciphers on;

    access_log            /var/log/nginx/git.access.log;

    location / {

      proxy_pass          http://localhost:8080;
    }
}

Basic redirect

www to non-www

server {
    server_name www.example.com;
    return 301 $scheme://example.com$request_uri;
}