--- /dev/null
+# Example nginx config for ActivityRelay
+
+# how to use this config.
+# 1. Create web roots if needed.
+# 2. change paths and everywhere it says <yourdomain>.
+# 3. get a SSL cert, this config can be used for letsencrypt's webroot mode
+# 4. reload nginx
+
+server {
+ listen 80;
+ listen [::]:80;
+ server_name relay.<yourdomain>;
+ root /srv/www/relay.<yourdomain>/htdocs;
+ # don't redirect for letsencrypt.
+ location /.well-known/acme-challenge/ {
+ }
+ location / {
+ return 301 https://relay.<yourdomain>$request_uri;
+ }
+}
+
+# if you don't have a ssl cert yet, comment out the next block and use certbot to fetch one.
+server {
+ listen 443 ssl;
+ server_name relay.<yourdomain>;
+ root /srv/www/relay.<yourdomain>/htdocs;
+
+ # logging, mostly for debug purposes. Disable if you wish.
+ access_log /srv/www/relay.<yourdomain>/logs/access.log;
+ error_log /srv/www/relay.<yourdomain>/logs/error.log;
+
+ ssl_protocols TLSv1.2;
+ ssl_ciphers EECDH+AESGCM:EECDH+AES;
+ ssl_ecdh_curve secp384r1;
+ ssl_prefer_server_ciphers on;
+ ssl_session_cache shared:SSL:10m;
+
+ # ssl certs.
+ ssl_certificate /usr/local/etc/letsencrypt/live/relay.<yourdomain>/fullchain.pem;
+ ssl_certificate_key /usr/local/etc/letsencrypt/live/relay.<yourdomain>/privkey.pem;
+
+ keepalive_timeout 70;
+ sendfile on;
+ client_max_body_size 0;
+ gzip off;
+
+ server_name relay.<yourdomain>;
+
+ # sts, change if you care.
+ # add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
+
+ # not actually needed, this enables you to use a static page on your domain for your root page.
+ location = / {
+ index index.html;
+ }
+
+ location / {
+ try_files $uri @proxy;
+ }
+
+ location @proxy {
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Proto https;
+ proxy_pass_header Server;
+ # change as needed.
+ proxy_pass http://127.0.0.1:8080;
+ proxy_buffering off;
+ proxy_redirect off;
+ proxy_http_version 1.1;
+ }
+}
+