server { listen 80 default_server backlog=4096; listen [::]:80 default_server backlog=4096; server_name _; root /mnt/repos-production/mirror; # Fastly sets the client IP in this header (and it cannot be overriden by user) real_ip_header Fastly-Client-IP; real_ip_recursive on; set_real_ip_from 10.32.0.0/16; set_real_ip_from ::/0; location / { autoindex on; } location /stg { autoindex on; alias /mnt/repos-staging/mirror/pub; } #location ~* .*(\.manifest|CHECKSUM|COMMUNITY-CHARTER|COMPOSE_ID|Contributors|EULA|LICENSE|\.yaml|\.json|README|fullfile.*|\.repo)$ { # #add_header Content-Type text/plain; # types { } default_type "text/plain; charset=utf-8"; #} #location ~* RPM-GPG-KEY-.*$ { # add_header Content-Type text/plain; # types { } default_type "text/plain; charset=utf-8"; #} error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } } server { listen 443 ssl; listen [::]:443 ssl; server_name _; root /mnt/repos-production/mirror; ssl_certificate /etc/pki/tls/certs/dl.rockylinux.org.crt; ssl_certificate_key /etc/pki/tls/private/dl.rockylinux.org.key; ssl_ciphers HIGH:!aNULL:!MD5; # Fastly sets the client IP in this header (and it cannot be overriden by user) real_ip_header Fastly-Client-IP; real_ip_recursive on; set_real_ip_from 10.32.0.0/16; set_real_ip_from ::/0; location / { autoindex on; } location /stg { autoindex on; alias /mnt/repos-staging/mirror/pub; } #location ~* .*(\.manifest|CHECKSUM|COMMUNITY-CHARTER|COMPOSE_ID|Contributors|EULA|LICENSE|\.yaml|\.json|README|fullfile.*|\.repo)$ { # #add_header Content-Type text/plain; # types { } default_type "text/plain; charset=utf-8"; #} #location ~* RPM-GPG-KEY-.*$ { # add_header Content-Type text/plain; # types { } default_type "text/plain; charset=utf-8"; #} error_page 404 /404.html; location = /40x.html { } error_page 500 502 503 504 /50x.html; location = /50x.html { } }