From d0b7182462aa93f6243e271044a999355adf022c Mon Sep 17 00:00:00 2001
From: Redume <danilivasenko09@gmail.com>
Date: Fri, 18 Oct 2024 20:51:41 +0300
Subject: [PATCH] =?UTF-8?q?=D0=B4=D0=BE=D0=B1=D0=B0=D0=B2=D0=B8=D0=BB=20ng?=
 =?UTF-8?q?inx?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 docker-compose.yaml | 11 +++++++++++
 nginx.conf          | 30 ++++++++++++++++++++++++++++++
 2 files changed, 41 insertions(+)
 create mode 100644 nginx.conf

diff --git a/docker-compose.yaml b/docker-compose.yaml
index b5f7878..a4c5557 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -1,4 +1,15 @@
 services:
+    nginx:
+        image: nginx:latest
+        ports:
+            - '80:80'
+            - '443:443'
+        volumes:
+            - ./nginx.conf:/etc/nginx/nginx.conf
+            - ./CertSSL:/etc/nginx/ssl
+        depends_on:
+            - starlio-web
+
     starlio-web:
         build: .
         ports:
diff --git a/nginx.conf b/nginx.conf
new file mode 100644
index 0000000..b5202ac
--- /dev/null
+++ b/nginx.conf
@@ -0,0 +1,30 @@
+server {
+    listen 80 default_server;
+    listen [::]:80 default_server;
+    server_name example.com
+
+    location / {
+        return 301 https://$host$request_uri;
+    }
+}
+
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+    http2 on;
+    server_name example.com
+
+    ssl_certificate /etc/nginx/ssl/fullchain.pem;
+    ssl_certificate_key /etc/nginx/ssl/privkey.pem;
+    ssl_session_timeout 1d;
+    ssl_session_cache shared:MozSSL:10m;  # about 40000 sessions
+
+    # modern configuration
+    ssl_protocols TLSv1.3;
+    ssl_prefer_server_ciphers off;
+
+    # HSTS (ngx_http_headers_module is required) (63072000 seconds)
+    add_header Strict-Transport-Security "max-age=63072000" always;
+
+    # replace with the IP address of your resolver
+}
\ No newline at end of file