location __PATH__ { if ($scheme = http) { rewrite ^ https://$server_name$request_uri? permanent; } # This is important for user's privacy ! access_log off; error_log /var/log/nginx/lufi.error.log; # This is important ! Make it OK with your Lutim configuration client_max_body_size 40M; if ($request_uri ~* ^/(img|css|font|js)/) { add_header Expires "Thu, 31 Dec 2037 23:55:55 GMT"; add_header Cache-Control "public, max-age=315360000"; } proxy_pass http://127.0.0.1:__PORT____PATH__; # Really important ! Lufi uses WebSocket, it won't work without this proxy_set_header Upgrade $http_upgrade ; proxy_set_header Connection "upgrade" ; proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # If you want to log the remote port of the file senders, you'll need that proxy_set_header X-Remote-Port $remote_port; proxy_set_header X-Forwarded-Proto $scheme; # We expect the downsteam servers to redirect to the right hostname, so don't do any rewrite$ proxy_redirect off; #--PRIVATE--# Include SSOWAT user panel. #--PRIVATE--include conf.d/yunohost_panel.conf.inc; }