hassio-addons/addon-vscode
1
0
Fork 0
mirror of https://github.com/hassio-addons/addon-vscode.git synced 2025-05-03 18:51:23 +00:00
Code Issues Projects Releases Packages Wiki Activity
addon-vscode/vscode/rootfs/etc/nginx/nginx-ssl.conf
Franck Nijhof 07fd06720e
Adds HA Authentication
2019-03-28 22:30:19 +01:00

71 lines
2.1 KiB
Text
Raw Blame History

worker_processes 1;
pid /var/run/nginx.pid;
error_log stderr;
env HASSIO_TOKEN;
env DISABLE_HA_AUTHENTICATION;
load_module "/usr/lib/nginx/modules/ndk_http_module.so";
load_module "/usr/lib/nginx/modules/ngx_http_lua_module.so";
events {
worker_connections 1024;
}
http {
access_log stdout;
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
lua_shared_dict auths 16k;
resolver 127.0.0.11;
upstream code {
ip_hash;
server 127.0.0.1:8443;
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
server_name hassio.local;
listen 1337 default_server ssl;
root /dev/null;
ssl_certificate /ssl/%%certfile%%;
ssl_certificate_key /ssl/%%keyfile%%;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA;
ssl_ecdh_curve secp384r1;
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
location / {
access_by_lua_file /etc/nginx/ha-auth.lua;
proxy_redirect off;
proxy_pass http://code;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Authorization "";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
}
}
}
Reference in a new issue View git blame Copy permalink