Add NGINX config.

diff --git a/buster/etc_files/web/etc/nginx/nginx.conf b/buster/etc_files/web/etc/nginx/nginx.conf
new file mode 100644 (file)
index 0000000..6d84152
--- /dev/null
+++ b/buster/etc_files/web/etc/nginx/nginx.conf
@@ -0,0 +1,43 @@
+# system integration
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+include /etc/nginx/modules-enabled/*.conf;
+
+http {
+    # define content-type headers
+    include /etc/nginx/mime.types;
+    #charset utf-8;
+
+    # Some standard optimizations, i.e. Debian default. Explained in
+    # <https://thoughts.t37.net/nginx-optimization-understanding-sendfile-tcp-nodelay-and-tcp-nopush-c55cdd276765>
+    # Not that I understand it all …
+    sendfile on;
+    tcp_nopush on;
+    tcp_nodelay on;
+
+    # logging deactivated due to GDPR
+    #access_log /var/log/nginx/access.log;
+    #error_log /var/log/nginx/error.log;
+
+    # virtual hosts: sites-enabled is the Debian way, conf.d the NGINX default
+    include /etc/nginx/conf.d/*.conf;
+    include /etc/nginx/sites-enabled/*;
+
+    # If we wanted a simple file server …
+    ## HTTP server: only enforce HTTPS
+    #server {
+    #    listen 80;
+    #    return 301 https://$host$request_uri;
+    #}
+    #
+    ## HTTPS server
+    #server {
+    #    listen 443 ssl;
+    #    server_name REPLACE_fqdn_ECALPER;
+    #    ssl_certificate /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/fullchain.pem;
+    #    ssl_certificate_key /etc/letsencrypt/live/REPLACE_fqdn_ECALPER/privkey.pem;
+    #    root /var/www/html/;
+    #    index index.html index.htm index.nginx-debian.html;
+    #}
+}