server { listen 443 ssl; http2 on; server_name lufi.labunix.xyz; ssl_certificate /etc/letsencrypt/live/labunix.xyz/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/labunix.xyz/privkey.pem; auth_basic "Restricted"; auth_basic_user_file /etc/nginx/lufi.htpasswd; access_log /var/log/nginx/vhost.access.log vhost; error_log /var/log/nginx/lufi.error.log; location / { proxy_pass http://127.0.0.1:8090; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $http_host; proxy_set_header X-Forwarded-Host $http_host; proxy_set_header X-Forwarded-Port 443; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; add_header X-Frame-Options SAMEORIGIN always; add_header X-Content-Type-Options nosniff always; client_max_body_size 2G; proxy_read_timeout 3600s; } }