Currently i try to convert nginx conf to apache conf, anyone could help on below:
nginx conf:
server {
listen 80;
listen [::]:80;
server_name dock-ss.lab.sss.com.my;
location / {
return 301 https://$server_name$request_uri;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name dock-ss.lab.sss.com.my;
include /etc/nginx/snippets/ssl.conf;
include /etc/nginx/snippets/secure_header.conf;
add_header X-Frame-Options SAMEORIGIN;
location /v2 {
# Do not allow connections from docker 1.5 and earlier
# docker pre-1.6.0 did not properly set the user agent on ping, catch "Go *" user agents
if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) {
return 404;
}
client_max_body_size 0;
proxy_pass http://127.0.0.1:5000/v2;
proxy_set_header Host $http_host; # required for docker client's sake
proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_read_timeout 900;
}
location /auth {
proxy_pass http://127.0.0.1:5001/auth;
proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
ssl.conf:
ssl_certificate /etc/pki/tls/certs/wildcard.lab.sss.com.my.crt;
ssl_certificate_key /etc/pki/tls/private/wildcard.lab.sss.com.my.key;
ssl_session_timeout 180m;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_protocols TLSv1.2;
ssl_dhparam /etc/nginx/cert/dhparam.pem;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DHE+AES128:!ADH:!AECDH:!MD5;
ssl_ecdh_curve secp384r1;
ssl_prefer_server_ciphers on;
ssl_stapling on;
ssl_stapling_verify on;