ok, since i'm not able to open the attachment here's the config:
#user nobody;
worker_processes 5;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
# redirect all http requests to https
server {
listen <IP>:80;
server_name _;
rewrite ^ https://$host$request_uri? permanent;
}
# doamin1
server {
listen <IP>:443 ssl spdy;
server_name blahblah.domain1;
ssl_certificate <doamin1>.crt;
ssl_certificate_key <doamin1>.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5:!DSS:!RC4;
ssl_prefer_server_ciphers on;
# rewrite1
rewrite ^/$ /rewrite/here/ redirect;
location /rewrite/here/ {
proxy_http_version 1.1;
proxy_pass https://localhost:9443;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# web socket forwarding
proxy_read_timeout 24h;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_buffering off;
proxy_buffer_size 4k;
proxy_buffers 100 128k;
proxy_max_temp_file_size 0;
}
# pass2
location /some/location/ {
proxy_pass https://localhost:8443/;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# web socket forwarding
proxy_read_timeout 24h;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_buffering off;
proxy_buffer_size 4k;
proxy_buffers 100 128k;
proxy_max_temp_file_size 0;
}
}
# domain2
server {
listen <IP>:443 ssl spdy;
server_name blahblah.domain2;
ssl_certificate <doamin2>.crt;
ssl_certificate_key <doamin2>.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5:!DSS:!RC4;
ssl_prefer_server_ciphers on;
# rewrite1
rewrite ^/$ /rewrite/here/ redirect;
location /rewrite/here/ {
proxy_http_version 1.1;
proxy_pass https://localhost:9443;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# web socket forwarding
proxy_read_timeout 24h;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_buffering off;
proxy_buffer_size 4k;
proxy_buffers 100 128k;
proxy_max_temp_file_size 0;
}
# pass2
location /some/location/ {
proxy_pass https://localhost:8443/;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# web socket forwarding
proxy_read_timeout 24h;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_buffering off;
proxy_buffer_size 4k;
proxy_buffers 100 128k;
proxy_max_temp_file_size 0;
}
}
}
#user nobody;
worker_processes 5;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
# redirect all http requests to https
server {
listen <IP>:80;
server_name _;
rewrite ^ https://$host$request_uri? permanent;
}
# doamin1
server {
listen <IP>:443 ssl spdy;
server_name blahblah.domain1;
ssl_certificate <doamin1>.crt;
ssl_certificate_key <doamin1>.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5:!DSS:!RC4;
ssl_prefer_server_ciphers on;
# rewrite1
rewrite ^/$ /rewrite/here/ redirect;
location /rewrite/here/ {
proxy_http_version 1.1;
proxy_pass https://localhost:9443;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# web socket forwarding
proxy_read_timeout 24h;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_buffering off;
proxy_buffer_size 4k;
proxy_buffers 100 128k;
proxy_max_temp_file_size 0;
}
# pass2
location /some/location/ {
proxy_pass https://localhost:8443/;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# web socket forwarding
proxy_read_timeout 24h;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_buffering off;
proxy_buffer_size 4k;
proxy_buffers 100 128k;
proxy_max_temp_file_size 0;
}
}
# domain2
server {
listen <IP>:443 ssl spdy;
server_name blahblah.domain2;
ssl_certificate <doamin2>.crt;
ssl_certificate_key <doamin2>.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5:!DSS:!RC4;
ssl_prefer_server_ciphers on;
# rewrite1
rewrite ^/$ /rewrite/here/ redirect;
location /rewrite/here/ {
proxy_http_version 1.1;
proxy_pass https://localhost:9443;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# web socket forwarding
proxy_read_timeout 24h;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_buffering off;
proxy_buffer_size 4k;
proxy_buffers 100 128k;
proxy_max_temp_file_size 0;
}
# pass2
location /some/location/ {
proxy_pass https://localhost:8443/;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# web socket forwarding
proxy_read_timeout 24h;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_buffering off;
proxy_buffer_size 4k;
proxy_buffers 100 128k;
proxy_max_temp_file_size 0;
}
}
}