Adding custom Nginx configuration
In certain situations, you may wish to provide some additional Nginx configuration for your instance. It is possible to achieve this by creating and editing some files that are included in the OPC-managed default configurations.
The OPC will create the necessary configuration files for your instance at the following location on your server: /opt/deskpro/data/instances/<instance name>/services/nginx/conf.d/
Within each of these config files are several include statements:
include /opt/deskpro/data/instances/<instance name>/services/nginx/custom/server.conf;
include /opt/deskpro/data/instances/<instance name>/services/nginx/custom/server_XYZ.conf; copyThe first include statement is included in all Nginx server blocks for the instance so will apply to all domains and ports you have configured for your instance.
The second include is specific to the configuration you are viewing.
Note that configurations with SSL enabled also have the following includes available:
include /opt/deskpro/data/instances/<instance name>/services/nginx/custom/ssl.conf;
include /opt/deskpro/data/instances/<instance name>/services/nginx/custom/ssl_XYZ.conf; copyAgain the first include is included in all SSL configuration whereas the second is specific to the SSL configuration for that domain only.
Any changes made to the OPC-managed Nginx configuration files will be reverted when the instance configuration is changed or the instance is updated. It is therefore important to ensure that changes are only made to the specific files that are included by these managed configuration files to ensure your changes persist.
Generic Example
If you have the domain helpdesk.example.com configured for your instance, you will have the following Nginx configuration files automatically generated and managed:
/opt/deskpro/data/instances/<instance name>/services/nginx/conf.d/helpdesk-example-com_80.conf
/opt/deskpro/data/instances/<instance name>/services/nginx/conf.d/helpdesk-example-com_443.conf copyThese files will have the following include directives respectively:
include /opt/deskpro/data/instances/<instance name>/services/nginx/custom/server.conf;
include /opt/deskpro/data/instances/<instance name>/services/nginx/custom/server_helpdesk-example-com_80.conf; copyinclude /opt/deskpro/data/instances/<instance name>/services/nginx/custom/ssl.conf;
include /opt/deskpro/data/instances/<instance name>/services/nginx/custom/ssl_helpdesk-example-com_443.conf;
include /opt/deskpro/data/instances/<instance name>/services/nginx/custom/server.conf;
include /opt/deskpro/data/instances/<instance name>/services/nginx/custom/server_helpdesk-example-com_443.conf; copyHSTS example
To enable HSTS headers for all HTTPS configurations on your site, you can add the following content:
add_header Strict-Transport-Security max-age=31536000; copyto the /opt/deskpro/data/instances/<instance name>/services/nginx/custom/ssl.conf; file (note you may need to create this file first).
You can then test the Nginx configuration is correct by running nginx -t from the command line and confirming you see the message the test is successful:
# nginx -t
...
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful copyTo apply these changes, you can then run systemctl reload nginx and HSTS headers will then be enabled on all HTTPS configurations for your site.
Logga in eller registrera dig för att lämna en kommentar.