@@ -0,0 +1,79 @@
upstream servers-frontend {
ip_hash ;
server 10.10.137.100:80 ; # server -1
server 10.10.126.101:80 ; # server -2
}
upstream server -2 {
server 10.10.137.101:80 ;
}
upstream server -2-ssl {
server 10.10.137.101:443 ;
}
server {
listen 80 ;
server_name my-server .com www.my-server .com;
error_page 502 503 504 @maintenance;
location / {
proxy_pass http ://servers-frontend;
proxy_set_header Host $host ;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;
proxy_set_header X-Real-IP $remote_addr ;
}
# WP-Admin is accessed via HTTPS, however, some components
# still work via HTTP despite FORCE_SSL_ADMIN being set to TRUE.
location /wp-admin {
proxy_pass http ://server -2;
proxy_set_header Host $host ;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;
proxy_set_header X-Real-IP $remote_addr ;
}
location @maintenance {
root /etc/nginx/html;
rewrite ^( .*) /maintenance.html break ;
}
}
server {
listen 443 ;
server_name my-server .com www.my-server .com;
ssl on;
ssl_certificate /etc/nginx/ssl /my-server .crt;
ssl_certificate_key /etc/nginx/ssl /my-server .key;
location /wp-login.php {
proxy_pass https://server -2-ssl ;
proxy_set_header Host $host ;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Real-IP $remote_addr ;
}
# Only handle HTTPS requests for WP-Admin
# This should be set before other `location` directives
# as locations are matched by regexp in the order they appear
location ~ ^/wp-( admin|content|includes) {
#increase client max size for wp-admin connection to allow bigger picture uploads to blog
client_max_body_size 2M ;
proxy_pass https://server -2-ssl ;
proxy_set_header Host $host ;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Real-IP $remote_addr ;
}
# All the other pages are served via HTTP
location ~ ^.* {
# Will you be so kind to GTFO my sire? o_Q
rewrite ^( .*) $ http ://my-server .com$1 ;
}
}
toomasr created this gist