commit ad4f0177e175251f51e939eba22b9fa7d28474b8 parent e4563c3f05c0e46096140b707296cc51fa8db994 Author: bohdan-potuzhnyi <bohdan.potuzhnyi@gmail.com> Date: Mon, 31 Mar 2025 22:23:44 +0200 changing the nginx config file Diffstat:
| M | debian/etc/nginx/sites-available/taler-merchant | | | 37 | +++++++++++++++++++++++++++++++------ |
1 file changed, 31 insertions(+), 6 deletions(-)
diff --git a/debian/etc/nginx/sites-available/taler-merchant b/debian/etc/nginx/sites-available/taler-merchant @@ -10,10 +10,11 @@ server { # NOTE: # - replace with your actual server name - server_name localhost; + server_name %%your.domain%%; access_log /var/log/nginx/merchant.log; error_log /var/log/nginx/merchant.err; + location /taler-merchant/ { proxy_pass http://unix:/var/run/taler-merchant/httpd/merchant-http.sock; proxy_redirect off; @@ -21,11 +22,35 @@ server { # NOTE: # - put your actual DNS name here - proxy_set_header X-Forwarded-Host "localhost"; - - # NOTE: - # - uncomment the following line if you are using HTTPS - # proxy_set_header X-Forwarded-Proto "https"; + proxy_set_header X-Forwarded-Host "%%your.domain%%"; + proxy_set_header X-Forwarded-Proto "http"; } +} + +server { + # NOTE: + # - This block provides the TLS/HTTPS configuration + listen 443 ssl; + listen [::]:443 ssl; + # NOTE: + # - replace with your actual server name + server_name %%your.domain%%; + + ssl_certificate /etc/letsencrypt/live/%%your.domain%%/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/%%your.domain%%/privkey.pem; + + access_log /var/log/nginx/merchant.log; + error_log /var/log/nginx/merchant.err; + + location / { + proxy_pass http://unix:/var/run/taler-merchant/httpd/merchant-http.sock; + proxy_redirect off; + proxy_set_header Host $host; + + # NOTE: + # - put your actual DNS name here + proxy_set_header X-Forwarded-Host "%%your.domain%%"; + proxy_set_header X-Forwarded-Proto "https"; + } } \ No newline at end of file