Features: 1) Add new /static/ and /media/ location blocks for serving static and media files.
Fixes: 1) Normalize spacing and indentation throughout `nginx.conf`. Extra: Improve readability and consistency of configuration file by aligning header and directive formatting.
This commit is contained in:
parent
cd2e6c31cf
commit
10434d8e2b
1 changed files with 82 additions and 77 deletions
159
nginx.conf
159
nginx.conf
|
|
@ -13,145 +13,150 @@ upstream storefront_frontend {
|
|||
server {
|
||||
listen 443 ssl http2;
|
||||
server_name api.evibes.com;
|
||||
ssl_certificate /etc/letsencrypt/live/evibes.com/fullchain.pem;
|
||||
ssl_certificate /etc/letsencrypt/live/evibes.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/evibes.com/privkey.pem;
|
||||
include /etc/letsencrypt/options-ssl-nginx.conf;
|
||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
include /etc/letsencrypt/options-ssl-nginx.conf;
|
||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
|
||||
add_header X-Frame-Options SAMEORIGIN always;
|
||||
add_header X-Content-Type-Options nosniff always;
|
||||
add_header Referrer-Policy no-referrer-when-downgrade always;
|
||||
add_header X-Frame-Options SAMEORIGIN always;
|
||||
add_header X-Content-Type-Options nosniff always;
|
||||
add_header Referrer-Policy no-referrer-when-downgrade always;
|
||||
client_max_body_size 100M;
|
||||
|
||||
location / {
|
||||
proxy_pass http://django_backend;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_read_timeout 300;
|
||||
proxy_send_timeout 300;
|
||||
proxy_pass http://django_backend;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
proxy_read_timeout 300;
|
||||
proxy_send_timeout 300;
|
||||
}
|
||||
|
||||
location /favicon.ico {
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
root /var/jenkins/workspace/evibes/static;
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
root /var/jenkins/workspace/evibes/static;
|
||||
}
|
||||
|
||||
location = /robots.txt {
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
alias /var/jenkins/workspace/evibes/static/robots_backend.txt;
|
||||
default_type text/plain;
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
alias /var/jenkins/workspace/evibes/static/robots_backend.txt;
|
||||
default_type text/plain;
|
||||
}
|
||||
|
||||
location /static/ {
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
root /var/jenkins/workspace/evibes;
|
||||
}
|
||||
|
||||
location /media/ {
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
root /var/jenkins/workspace/evibes;
|
||||
}
|
||||
|
||||
error_page 500 502 503 504 /maintenance.html;
|
||||
location = /maintenance.html {
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
root /var/jenkins/workspace/evibes/static;
|
||||
internal;
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
root /var/jenkins/workspace/evibes/static;
|
||||
internal;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
server_name evibes.com www.evibes.com;
|
||||
ssl_certificate /etc/letsencrypt/live/evibes.com/fullchain.pem;
|
||||
ssl_certificate /etc/letsencrypt/live/evibes.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/evibes.com/privkey.pem;
|
||||
include /etc/letsencrypt/options-ssl-nginx.conf;
|
||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
include /etc/letsencrypt/options-ssl-nginx.conf;
|
||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
|
||||
add_header X-Frame-Options SAMEORIGIN always;
|
||||
add_header X-Content-Type-Options nosniff always;
|
||||
add_header Referrer-Policy no-referrer-when-downgrade always;
|
||||
add_header X-Frame-Options SAMEORIGIN always;
|
||||
add_header X-Content-Type-Options nosniff always;
|
||||
add_header Referrer-Policy no-referrer-when-downgrade always;
|
||||
|
||||
location /favicon.ico {
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
root /var/jenkins/workspace/evibes/static;
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
root /var/jenkins/workspace/evibes/static;
|
||||
}
|
||||
|
||||
location = /robots.txt {
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
alias /var/jenkins/workspace/evibes/static/robots_frontend.txt;
|
||||
default_type text/plain;
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
alias /var/jenkins/workspace/evibes/static/robots_frontend.txt;
|
||||
default_type text/plain;
|
||||
}
|
||||
|
||||
location ~ ^/sitemap(?:-(?P<section>[a-z]+)(?:-(?P<page>\d+))?)?\.xml$ {
|
||||
proxy_pass http://django_backend$request_uri;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header Accept "application/xml";
|
||||
proxy_pass http://django_backend$request_uri;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header Accept "application/xml";
|
||||
}
|
||||
|
||||
location / {
|
||||
proxy_pass http://storefront_frontend;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_pass http://storefront_frontend;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
}
|
||||
|
||||
location @maintenance {
|
||||
return 503;
|
||||
return 503;
|
||||
}
|
||||
|
||||
error_page 503 404 500 502 504 /maintenance.html;
|
||||
location = /maintenance.html {
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
root /var/jenkins/workspace/evibes/static;
|
||||
internal;
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
root /var/jenkins/workspace/evibes/static;
|
||||
internal;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
server_name prometheus.evibes.com;
|
||||
ssl_certificate /etc/letsencrypt/live/evibes.com/fullchain.pem;
|
||||
ssl_certificate /etc/letsencrypt/live/evibes.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/evibes.com/privkey.pem;
|
||||
include /etc/letsencrypt/options-ssl-nginx.conf;
|
||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
include /etc/letsencrypt/options-ssl-nginx.conf;
|
||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
|
||||
add_header X-Frame-Options SAMEORIGIN always;
|
||||
add_header X-Content-Type-Options nosniff always;
|
||||
add_header Referrer-Policy no-referrer-when-downgrade always;
|
||||
add_header X-Frame-Options SAMEORIGIN always;
|
||||
add_header X-Content-Type-Options nosniff always;
|
||||
add_header Referrer-Policy no-referrer-when-downgrade always;
|
||||
client_max_body_size 100M;
|
||||
|
||||
location / {
|
||||
proxy_pass http://prom_backend;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_pass http://prom_backend;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
}
|
||||
|
||||
location = /robots.txt {
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
alias /var/jenkins/workspace/evibes/static/robots_backend.txt;
|
||||
default_type text/plain;
|
||||
}
|
||||
|
||||
location /static/ {
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
root /var/jenkins/workspace/evibes;
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
alias /var/jenkins/workspace/evibes/static/robots_backend.txt;
|
||||
default_type text/plain;
|
||||
}
|
||||
|
||||
location /favicon.ico {
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
root /var/jenkins/workspace/evibes/static;
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
root /var/jenkins/workspace/evibes/static;
|
||||
}
|
||||
|
||||
error_page 500 502 503 504 /maintenance.html;
|
||||
location = /maintenance.html {
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
root /var/jenkins/workspace/evibes/static;
|
||||
internal;
|
||||
add_header Access-Control-Allow-Origin "*";
|
||||
root /var/jenkins/workspace/evibes/static;
|
||||
internal;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in a new issue