Commit 926e3f53 authored by Ilja's avatar Ilja

nginx updates add cache

parent 2dec1a63
location / {
add_header 'Access-Control-Allow-Origin' '*';
location / {
# if you do not want remote frontends to be able to access your Pleroma backend
# server, remove these lines.
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Methods' 'POST, PUT, DELETE, GET, PATCH, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type, Idempotency-Key' always;
add_header 'Access-Control-Expose-Headers' 'Link, X-RateLimit-Reset, X-RateLimit-Limit, X-RateLimit-Remaining, X-Request-Id' always;
if ($request_method = OPTIONS) {
return 204;
# stop removing lines here.
add_header X-XSS-Protection "1; mode=block";
add_header X-Permitted-Cross-Domain-Policies none;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header Referrer-Policy same-origin;
add_header X-Download-Options noopen;
# Uncomment this only after you get HTTPS working.
# add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
location /proxy {
#proxy_cache pleroma_media_cache;
#proxy_cache_lock on;
location /.well-known/ {
proxy_set_header Host $http_host;
proxy_pass http://localhost:4000;
location ^~ /.well-known/acme-challenge/ {
allow all;
root /var/lib/letsencrypt/;
default_type "text/plain";
try_files $uri =404;
client_max_body_size 16m;
location /proxy {
proxy_cache pleroma_media_cache;
proxy_cache_lock on;
proxy_ignore_client_abort on;
proxy_pass http://localhost:4000;
proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=10g
inactive=720m use_temp_path=off;
......@@ -92,6 +92,8 @@ useradd $app --home-dir=$final_path
git clone $final_path/pleroma
# replace the generate_config file with a modified one to have it non-interactive
# There's a merge comming in Pleroma that makes it all non-interactive
cp ../conf/generate_config.ex $final_path/pleroma/lib/mix/tasks/generate_config.ex
chown -R $app: $final_path
......@@ -138,8 +140,9 @@ su - $app -c "cd $final_path/pleroma;mix local.rebar --force;mix local.hex --for
# TODO set up media cache. See pleroma/installation/pleroma.nginx
cp -rf "../conf/nginx.conf" "/etc/nginx/conf.d/$domain.d/$app.conf"
cp -rf "../conf/pleroma_cache.conf" "/etc/nginx/conf.d/pleroma_cache.conf"
ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf"
......@@ -75,6 +75,7 @@ ynh_secure_remove "$final_path"
rm /etc/nginx/conf.d/pleroma_cache.conf
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment