Static over http api over https

Latest revision as of 14:44, 23 April 2014

This is a sample Nginx configuration file for serving static content via HTTP, and the API via HTTPS:

server {
  listen 80;
 
  access_log /home/www/logs/static_access.log;
  error_log /home/www/logs/static_error.log;
  root /home/www/static;
 
  more_set_headers 'Server: MyAPI';
 
  location = / {
    index  index.htm.gz;
  }
 
  location ~* \.css\.gz$ {
    more_set_headers 'Content-Type: text/css';
    more_set_headers 'Content-Encoding: gzip';
  }
 
  location ~* \.j(s\.)?gz$ {
    more_set_headers 'Content-Type: text/javascript';
    more_set_headers 'Content-Encoding: gzip';
  }
 
  location ~* \.html?\.gz$ {
    more_set_headers 'Content-Type: text/html';
    more_set_headers 'Content-Encoding: gzip';
  }
 
  location ~* \.png\.gz$ {
    more_set_headers 'Content-Type: image/png';
    more_set_headers 'Content-Encoding: gzip';
  }
}
 
server {
  listen 443 ssl;
 
  ssl_certificate /home/www/api.crt;
  ssl_certificate_key /home/www/api.key;
  ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers HIGH:!aNULL:!MD5;
 
  access_log /home/www/logs/api_access.log;
  error_log /home/www/logs/api_error.log;
  root /home/www/api;
 
  more_set_headers 'Server: MyAPI';
 
  location ~ ^/api {
    more_set_headers 'Access-Control-Allow-Origin: http://$host';
    more_set_headers 'Access-Control-Allow-Methods: *';
    more_set_headers 'Access-Control-Expose-Headers: x-json';
    more_set_headers 'X-JSON: {"test":6}';
  }
 
  location ~ ^ {
    rewrite . http://$host/? permanent;
  }
}

Static over http api over https

Latest revision as of 14:44, 23 April 2014

Personal tools

Namespaces

Variants

Views

Actions

Search

Navigation

Toolbox