Inicio Explorar Axuda
Iniciar sesión
jgf
/
bookwyrm
1
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Rama: main
Ramas Etiquetas
bookwyrm
/
nginx
/
development

development 2.1 KB
Permalink Histórico Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879 
  1. include /etc/nginx/conf.d/server_config;
    2. 

  2. 

  3. upstream web {
    4. 

  4.     server web:8000;
    5. 

  5. }
    6. 

  6. 

  7. server {
    8. 

  8.     access_log /var/log/nginx/access.log cache_log;
    9. 

  9. 

  10.     listen 80;
    11. 

  11. 

  12.     sendfile on;
    13. 

  13.     tcp_nopush on;
    14. 

  14.     tcp_nodelay on;
    15. 

  15.     keepalive_timeout 65;
    16. 

  16.     types_hash_max_size 2048;
    17. 

  17.     #include /etc/nginx/mime.types;
    18. 

  18.     #default_type application/octet-stream;
    19. 

  19. 

  20.     gzip on;
    21. 

  21.     gzip_disable "msie6";
    22. 

  22. 

  23.     proxy_read_timeout 1800s;
    24. 

  24.     chunked_transfer_encoding on;
    25. 

  25. 

  26.     # store responses to anonymous users for up to 1 minute
    27. 

  27.     proxy_cache bookwyrm_cache;
    28. 

  28.     proxy_cache_valid any 1m;
    29. 

  29.     add_header X-Cache-Status $upstream_cache_status;
    30. 

  30. 

  31.     # ignore the set cookie header when deciding to
    32. 

  32.     # store a response in the cache
    33. 

  33.     proxy_ignore_headers Cache-Control Set-Cookie Expires;
    34. 

  34. 

  35.     # PUT requests always bypass the cache
    36. 

  36.     # logged in sessions also do not populate the cache
    37. 

  37.     # to avoid serving personal data to anonymous users
    38. 

  38.     proxy_cache_methods GET HEAD;
    39. 

  39.     proxy_no_cache      $cookie_sessionid;
    40. 

  40.     proxy_cache_bypass  $cookie_sessionid;
    41. 

  41. 

  42.     # tell the web container the address of the outside client
    43. 

  43.     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    44. 

  44.     proxy_set_header Host $host;
    45. 

  45.     proxy_redirect off;
    46. 

  46. 

  47.     # rate limit the login or password reset pages
    48. 

  48.     location ~ ^/(login[^-/]|password-reset|resend-link|2fa-check) {
    49. 

  49.         limit_req zone=loginlimit;
    50. 

  50.         proxy_pass http://web;
    51. 

  51.     }
    52. 

  52. 

  53.     # do not log periodic polling requests from logged in users
    54. 

  54.     location /api/updates/ {
    55. 

  55.         access_log off;
    56. 

  56.         proxy_pass http://web;
    57. 

  57.     }
    58. 

  58. 

  59.     # forward any cache misses or bypass to the web container
    60. 

  60.     location / {
    61. 

  61.         proxy_pass http://web;
    62. 

  62.     }
    63. 

  63. 

  64.     # directly serve images and static files from the
    65. 

  65.     # bookwyrm filesystem using sendfile.
    66. 

  66.     # make the logs quieter by not reporting these requests
    67. 

  67.     location ~ ^/(images|static)/ {
    68. 

  68.         root /app;
    69. 

  69.         try_files $uri =404;
    70. 

  70.         add_header X-Cache-Status STATIC;
    71. 

  71.         access_log off;
    72. 

  72.     }
    73. 

  73. 

  74.     # monitor the celery queues with flower, no caching enabled
    75. 

  75.     location /flower/ {
    76. 

  76.        proxy_pass http://flower:8888;
    77. 

  77.        proxy_cache_bypass 1;
    78. 

  78.     }
    79. 

  79. }
    80.