From 9f867f775f349452ea870343d8e0691dcfcdfb84 Mon Sep 17 00:00:00 2001 From: Egor fureunoir Gorbunov Date: Mon, 10 Nov 2025 13:07:24 +0300 Subject: [PATCH] Features: 1) None; Fixes: 1) None; Extra: 1) Reformatted `nginx.conf` for improved readability by aligning indentation and spacing across all directives and blocks; --- nginx.conf | 203 ++++++++++++++++++++++++++++------------------------- 1 file changed, 107 insertions(+), 96 deletions(-) diff --git a/nginx.conf b/nginx.conf index ecd2cf33..22af2b6c 100644 --- a/nginx.conf +++ b/nginx.conf @@ -11,157 +11,168 @@ upstream storefront_frontend { } server { - listen 443 ssl http2; - server_name api.evibes.com; - ssl_certificate /etc/letsencrypt/live/evibes.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/evibes.com/privkey.pem; - include /etc/letsencrypt/options-ssl-nginx.conf; - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; - ssl_session_cache shared:SSL:10m; - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; - add_header X-Frame-Options SAMEORIGIN always; - add_header X-Content-Type-Options nosniff always; - add_header Referrer-Policy no-referrer-when-downgrade always; - client_max_body_size 100M; + listen 443 ssl http2; + server_name api.evibes.com; + + ssl_certificate /etc/letsencrypt/live/evibes.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/evibes.com/privkey.pem; + include /etc/letsencrypt/options-ssl-nginx.conf; + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; + ssl_session_cache shared:SSL:10m; + + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; + add_header X-Frame-Options SAMEORIGIN always; + add_header X-Content-Type-Options nosniff always; + add_header Referrer-Policy no-referrer-when-downgrade always; + + client_max_body_size 100M; location / { - proxy_pass http://django_backend; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_read_timeout 300; - proxy_send_timeout 300; + proxy_pass http://django_backend; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_read_timeout 300; + proxy_send_timeout 300; } location /favicon.ico { - add_header Access-Control-Allow-Origin "*"; - root /var/jenkins/workspace/evibes/static; + add_header Access-Control-Allow-Origin "*"; + root /var/jenkins/workspace/evibes/static; } location = /robots.txt { - add_header Access-Control-Allow-Origin "*"; - alias /var/jenkins/workspace/evibes/static/robots_backend.txt; - default_type text/plain; + add_header Access-Control-Allow-Origin "*"; + alias /var/jenkins/workspace/evibes/static/robots_backend.txt; + default_type text/plain; } location /static/ { - add_header Access-Control-Allow-Origin "*"; - root /var/jenkins/workspace/evibes; + add_header Access-Control-Allow-Origin "*"; + root /var/jenkins/workspace/evibes; } location /media/ { - add_header Access-Control-Allow-Origin "*"; - root /var/jenkins/workspace/evibes; + add_header Access-Control-Allow-Origin "*"; + root /var/jenkins/workspace/evibes; } - error_page 500 502 503 504 /maintenance.html; + error_page 500 502 503 504 /maintenance.html; + location = /maintenance.html { - add_header Access-Control-Allow-Origin "*"; - root /var/jenkins/workspace/evibes/static; - internal; + add_header Access-Control-Allow-Origin "*"; + root /var/jenkins/workspace/evibes/static; + internal; } } server { - listen 443 ssl http2; - server_name evibes.com www.evibes.com; - ssl_certificate /etc/letsencrypt/live/evibes.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/evibes.com/privkey.pem; - include /etc/letsencrypt/options-ssl-nginx.conf; - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; - ssl_session_cache shared:SSL:10m; - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; - add_header X-Frame-Options SAMEORIGIN always; - add_header X-Content-Type-Options nosniff always; - add_header Referrer-Policy no-referrer-when-downgrade always; + listen 443 ssl http2; + server_name evibes.com www.evibes.com; + + ssl_certificate /etc/letsencrypt/live/evibes.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/evibes.com/privkey.pem; + include /etc/letsencrypt/options-ssl-nginx.conf; + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; + ssl_session_cache shared:SSL:10m; + + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; + add_header X-Frame-Options SAMEORIGIN always; + add_header X-Content-Type-Options nosniff always; + add_header Referrer-Policy no-referrer-when-downgrade always; location /favicon.ico { - add_header Access-Control-Allow-Origin "*"; - root /var/jenkins/workspace/evibes/static; + add_header Access-Control-Allow-Origin "*"; + root /var/jenkins/workspace/evibes/static; } location = /robots.txt { - add_header Access-Control-Allow-Origin "*"; - alias /var/jenkins/workspace/evibes/static/robots_frontend.txt; - default_type text/plain; + add_header Access-Control-Allow-Origin "*"; + alias /var/jenkins/workspace/evibes/static/robots_frontend.txt; + default_type text/plain; } location ~ ^/sitemap(?:-(?P
[a-z]+)(?:-(?P\d+))?)?\.xml$ { - proxy_pass http://django_backend$request_uri; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header Accept "application/xml"; + proxy_pass http://django_backend$request_uri; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Accept "application/xml"; } location / { - proxy_pass http://storefront_frontend; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://storefront_frontend; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; } location @maintenance { - return 503; + return 503; } - error_page 503 404 500 502 504 /maintenance.html; + error_page 503 404 500 502 504 /maintenance.html; + location = /maintenance.html { - add_header Access-Control-Allow-Origin "*"; - root /var/jenkins/workspace/evibes/static; - internal; + add_header Access-Control-Allow-Origin "*"; + root /var/jenkins/workspace/evibes/static; + internal; } } server { - listen 443 ssl http2; - server_name prometheus.evibes.com; - ssl_certificate /etc/letsencrypt/live/evibes.com/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/evibes.com/privkey.pem; - include /etc/letsencrypt/options-ssl-nginx.conf; - ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; - ssl_session_cache shared:SSL:10m; - add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; - add_header X-Frame-Options SAMEORIGIN always; - add_header X-Content-Type-Options nosniff always; - add_header Referrer-Policy no-referrer-when-downgrade always; - client_max_body_size 100M; + listen 443 ssl http2; + server_name prometheus.evibes.com; + + ssl_certificate /etc/letsencrypt/live/evibes.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/evibes.com/privkey.pem; + include /etc/letsencrypt/options-ssl-nginx.conf; + ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; + ssl_session_cache shared:SSL:10m; + + add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; + add_header X-Frame-Options SAMEORIGIN always; + add_header X-Content-Type-Options nosniff always; + add_header Referrer-Policy no-referrer-when-downgrade always; + + client_max_body_size 100M; location / { - proxy_pass http://prom_backend; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://prom_backend; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; } location = /robots.txt { - add_header Access-Control-Allow-Origin "*"; - alias /var/jenkins/workspace/evibes/static/robots_backend.txt; - default_type text/plain; + add_header Access-Control-Allow-Origin "*"; + alias /var/jenkins/workspace/evibes/static/robots_backend.txt; + default_type text/plain; } location /favicon.ico { - add_header Access-Control-Allow-Origin "*"; - root /var/jenkins/workspace/evibes/static; + add_header Access-Control-Allow-Origin "*"; + root /var/jenkins/workspace/evibes/static; } - error_page 500 502 503 504 /maintenance.html; + error_page 500 502 503 504 /maintenance.html; + location = /maintenance.html { - add_header Access-Control-Allow-Origin "*"; - root /var/jenkins/workspace/evibes/static; - internal; + add_header Access-Control-Allow-Origin "*"; + root /var/jenkins/workspace/evibes/static; + internal; } } server { - listen 80; - server_name api.evibes.com www.evibes.com evibes.com prometheus.evibes.com; - return 301 https://$host$request_uri; + listen 80; + server_name api.evibes.com www.evibes.com evibes.com prometheus.evibes.com; + return 301 https://$host$request_uri; }