summaryrefslogtreecommitdiffstats
path: root/modules/tozt/files/nginx/headscale-tls.conf
diff options
context:
space:
mode:
Diffstat (limited to 'modules/tozt/files/nginx/headscale-tls.conf')
-rw-r--r--modules/tozt/files/nginx/headscale-tls.conf29
1 files changed, 29 insertions, 0 deletions
diff --git a/modules/tozt/files/nginx/headscale-tls.conf b/modules/tozt/files/nginx/headscale-tls.conf
new file mode 100644
index 0000000..392264d
--- /dev/null
+++ b/modules/tozt/files/nginx/headscale-tls.conf
@@ -0,0 +1,29 @@
+map $http_upgrade $connection_upgrade {
+ default keep-alive;
+ 'websocket' upgrade;
+ '' close;
+}
+
+server {
+ listen 443 ssl http2;
+ server_name headscale.tozt.net;
+
+ access_log /var/log/nginx/headscale.access.log;
+ error_log /var/log/nginx/headscale.error.log;
+
+ include ssl;
+
+ location / {
+ proxy_pass http://127.0.0.1:8081;
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection $connection_upgrade;
+ proxy_set_header Host $server_name;
+ proxy_buffering off;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
+ add_header Strict-Transport-Security "max-age=15552000; includeSubDomains" always;
+ }
+}
+# vim:ft=nginx
generated by cgit v1.2.3-54-g00ecf (git 2.45.0) at 2024-05-17 10:14:57 +0000