worker_processes 1; load_module /usr/lib/nginx/modules/ngx_http_headers_more_filter_module.so; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; # useful for testin. comment out for prod #access_log /var/log/nginx_access.log main; sendfile on; keepalive_timeout 65; server { listen 80 default_server; #listen 443 ssl http2 default_server; #ssl_certificate /etc/piratebox-certs/piratebox.cer; #ssl_certificate_key /etc/piratebox-certs/piratebox.key; # Android location /generate_204 { return 302 http://piratebox.lan/; } # Apple location /hotspot-detect.html { return 302 http://piratebox.lan/; } # Microsoft location /ncsi.txt { add_header Content-Type "text/plain"; return 200 "Microsoft NCSI"; } server_name piratebox.lan; server_tokens off; more_clear_headers Server; charset utf-8; location / { root /opt/piratebox; index index.html; if ($host != piratebox.lan) { return 302 http://piratebox.lan$request_uri; } } location /piratebox/ { proxy_pass http://aiohttp; proxy_redirect off; proxy_buffering off; proxy_request_buffering off; client_max_body_size 16G; if ($host != piratebox.lan) { return 302 http://piratebox.lan$request_uri; } } location /Shared/ { proxy_pass http://aiohttp; proxy_redirect off; proxy_buffering off; if ($host != piratebox.lan) { return 302 http://piratebox.lan$request_uri; } } } upstream aiohttp { server unix:/run/piratebox/piratebox.sock fail_timeout=0; } }