Wir haben das Problem gelöst. Hier eine Musterkonfig.
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name webseite.de 10.200.99.5;
return 301 https://$server_name$request_uri;
}
server {
# SSL configuration
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
include /etc/nginx/snippets/strong-ssl.conf;
ssl_certificate /etc/letsencrypt/live/webseite.de/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/webseite.de/privkey.pem;
location / {
# RDefault Location
proxy_set_header X-Real-IP $remote_addr;
try_files $uri $uri/ =404;
#proxy_set_header Host $host;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://10.200.99.5;
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;
}
location /TimeCardApp {
# ReinerSCT TimeCardApp
proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header Host $host;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://ip_timecardserver:50141/TimeCardApp;
auth_basic off;
}
# Root location
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
# Basic Auth to protect the site
#auth_basic "Restricted";
#auth_basic_user_file /etc/nginx/.htpasswd;
# Change the client side error pages (4xx) to prevent some information disclosure
error_page 401 403 404 /404.html;
# First attempt to serve request as file, then as directory,
# then fall back to displaying a 404.
#location / {
#try_files $uri $uri/ =404;
#}
# Deny access to .htaccess files, if Apache's document
# root concurs with nginx's one
location ~ /\.ht {
deny all;
}
# Let's Encrypt Webroot plugin location -- allow access
location ^~ /.well-known/acme-challenge/ {
auth_basic off;
autoindex on;
}
}