123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134 |
- include /etc/nginx/conf.d/server_config;
- upstream web {
- server web:8000;
- }
- server {
- listen [::]:80;
- listen 80;
- server_name your-domain.com www.your-domain.com;
- location ~ /.well-known/acme-challenge {
- allow all;
- root /var/www/certbot;
- }
- # # redirect http to https
- # return 301 https://your-domain.com$request_uri;
- }
- # server {
- # access_log /var/log/nginx/access.log cache_log;
- #
- # listen [::]:443 ssl http2;
- # listen 443 ssl http2;
- #
- # server_name your-domain.com;
- #
- # client_max_body_size 3M;
- #
- # if ($host != "your-domain.com") {
- # return 301 $scheme://your-domain.com$request_uri;
- # }
- #
- # # SSL code
- # ssl_certificate /etc/nginx/ssl/live/your-domain.com/fullchain.pem;
- # ssl_certificate_key /etc/nginx/ssl/live/your-domain.com/privkey.pem;
- #
- # location ~ /.well-known/acme-challenge {
- # allow all;
- # root /var/www/certbot;
- # }
- #
- # sendfile on;
- # tcp_nopush on;
- # tcp_nodelay on;
- # keepalive_timeout 65;
- # types_hash_max_size 2048;
- # #include /etc/nginx/mime.types;
- # #default_type application/octet-stream;
- #
- # gzip on;
- # gzip_disable "msie6";
- #
- # proxy_read_timeout 1800s;
- # chunked_transfer_encoding on;
- #
- # # store responses to anonymous users for up to 1 minute
- # proxy_cache bookwyrm_cache;
- # proxy_cache_valid any 1m;
- # add_header X-Cache-Status $upstream_cache_status;
- #
- # # ignore the set cookie header when deciding to
- # # store a response in the cache
- # proxy_ignore_headers Cache-Control Set-Cookie Expires;
- #
- # # PUT requests always bypass the cache
- # # logged in sessions also do not populate the cache
- # # to avoid serving personal data to anonymous users
- # proxy_cache_methods GET HEAD;
- # proxy_no_cache $cookie_sessionid;
- # proxy_cache_bypass $cookie_sessionid;
- #
- # # tell the web container the address of the outside client
- # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- # proxy_set_header Host $host;
- # proxy_redirect off;
- #
- # location ~ ^/(login[^-/]|password-reset|resend-link|2fa-check) {
- # limit_req zone=loginlimit;
- # proxy_pass http://web;
- # }
- #
- # # do not log periodic polling requests from logged in users
- # location /api/updates/ {
- # access_log off;
- # proxy_pass http://web;
- # }
- #
- # location / {
- # proxy_pass http://web;
- # }
- #
- # # directly serve images and static files from the
- # # bookwyrm filesystem using sendfile.
- # # make the logs quieter by not reporting these requests
- # location ~ ^/(images|static)/ {
- # root /app;
- # try_files $uri =404;
- # add_header X-Cache-Status STATIC;
- # access_log off;
- # }
- #
- # # monitor the celery queues with flower, no caching enabled
- # location /flower/ {
- # proxy_pass http://flower:8888;
- # proxy_cache_bypass 1;
- # }
- # }
- # Reverse-Proxy server
- # server {
- # listen [::]:8001;
- # listen 8001;
- # server_name your-domain.com www.your-domain.com;
- # location / {
- # proxy_pass http://web;
- # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- # proxy_set_header Host $host;
- # proxy_redirect off;
- # }
- # location /images/ {
- # alias /app/images/;
- # }
- # location /static/ {
- # alias /app/static/;
- # }
- # }
|