mirror of
https://github.com/bensuperpc/infrastructure.git
synced 2024-09-20 02:10:39 +02:00
104 lines
3.0 KiB
Plaintext
104 lines
3.0 KiB
Plaintext
#include /etc/nginx/conf.d/sub/cache-uwsgi.conf;
|
|
|
|
upstream flask_server {
|
|
# ip_hash;
|
|
server flask_website:8080;
|
|
# server flask_website:8080 weight=1 max_fails=3 fail_timeout=30s;
|
|
|
|
# Or: server unix:/app/flask_server.sock;
|
|
}
|
|
|
|
# Redirect all http requests to the main server wordpress_server
|
|
server {
|
|
listen 80;
|
|
listen [::]:80;
|
|
|
|
server_name bensuperpc.org www.bensuperpc.org flask.bensuperpc.org www.flask.bensuperpc.org;
|
|
|
|
location ~ /.well-known/acme-challenge {
|
|
allow all;
|
|
root /var/www/flask;
|
|
}
|
|
|
|
location / {
|
|
return 301 https://$host$request_uri;
|
|
}
|
|
}
|
|
|
|
|
|
server {
|
|
listen 443 ssl http2;
|
|
listen [::]:443 ssl http2;
|
|
|
|
server_name bensuperpc.org www.bensuperpc.org flask.bensuperpc.org www.flask.bensuperpc.org;
|
|
|
|
include /etc/nginx/conf.d/sub/gzip.conf;
|
|
|
|
# All things related to SSL
|
|
ssl_certificate /etc/letsencrypt/live/bensuperpc.org/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/bensuperpc.org/privkey.pem;
|
|
ssl_trusted_certificate /etc/letsencrypt/live/bensuperpc.org/chain.pem;
|
|
#ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
|
#add_header Strict-Transport-Security "max-age=31536000" always;
|
|
|
|
include /etc/nginx/conf.d/sub/options-ssl-nginx.conf;
|
|
|
|
#set $skip_cache 1;
|
|
#set $skip_reason "Disabled for now";
|
|
|
|
#if ($request_method = POST) {
|
|
# set $skip_cache 1;
|
|
# set $skip_reason "POST request";
|
|
#}
|
|
|
|
#if ($request_uri ~* "(/admin/|/logout|/login)") {
|
|
# set $skip_cache 1;
|
|
# set $skip_reason "request_uri";
|
|
#}
|
|
|
|
#if ($http_cookie ~* "remember_token") {
|
|
# set $skip_cache 1;
|
|
# set $skip_reason "${skip_reason}-http_cookie";
|
|
#}
|
|
|
|
location / { try_files $uri @flask_app; }
|
|
|
|
location @flask_app {
|
|
include uwsgi_params;
|
|
uwsgi_pass flask_server;
|
|
|
|
uwsgi_buffering on;
|
|
uwsgi_buffers 8 16k;
|
|
|
|
#uwsgi_cache_bypass $skip_cache;
|
|
#uwsgi_no_cache $skip_cache;
|
|
|
|
#uwsgi_cache_valid 200 302 10m;
|
|
#uwsgi_cache_valid 301 1h;
|
|
#uwsgi_cache_valid any 1m;
|
|
#uwsgi_cache_lock on;
|
|
|
|
#uwsgi_ignore_headers Vary;
|
|
#uwsgi_hide_header Vary;
|
|
|
|
#uwsgi_ignore_headers Expires Cache-Control Set-Cookie Vary;
|
|
#uwsgi_hide_header Vary;
|
|
|
|
#add_header X-cache $upstream_cache_status;
|
|
#add_header X-cache-reason $skip_reason;
|
|
|
|
#uwsgi_cache UWSGI;
|
|
}
|
|
|
|
# Don't write to accesslog for these files
|
|
location = /favicon.ico {
|
|
log_not_found off;
|
|
access_log off;
|
|
}
|
|
location = /robots.txt {
|
|
allow all;
|
|
log_not_found off;
|
|
access_log off;
|
|
}
|
|
}
|