Commit 926e3f53 authored by Spctrl's avatar Spctrl

nginx updates add cache

parent 2dec1a63
location / { location / {
add_header 'Access-Control-Allow-Origin' '*'; # if you do not want remote frontends to be able to access your Pleroma backend
proxy_http_version 1.1; # server, remove these lines.
proxy_set_header Upgrade $http_upgrade; add_header 'Access-Control-Allow-Origin' '*' always;
proxy_set_header Connection "upgrade"; add_header 'Access-Control-Allow-Methods' 'POST, PUT, DELETE, GET, PATCH, OPTIONS' always;
proxy_set_header Host $http_host; add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type, Idempotency-Key' always;
proxy_pass http://127.0.0.1:4000$request_uri; add_header 'Access-Control-Expose-Headers' 'Link, X-RateLimit-Reset, X-RateLimit-Limit, X-RateLimit-Remaining, X-Request-Id' always;
} if ($request_method = OPTIONS) {
return 204;
}
# stop removing lines here.
location /proxy { add_header X-XSS-Protection "1; mode=block";
#proxy_cache pleroma_media_cache; add_header X-Permitted-Cross-Domain-Policies none;
#proxy_cache_lock on; add_header X-Frame-Options DENY;
proxy_pass http://127.0.0.1:4000$request_uri; add_header X-Content-Type-Options nosniff;
} add_header Referrer-Policy same-origin;
add_header X-Download-Options noopen;
# Uncomment this only after you get HTTPS working.
# add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
location /.well-known/ { proxy_http_version 1.1;
proxy_set_header Host $http_host; proxy_set_header Upgrade $http_upgrade;
proxy_pass http://127.0.0.1:4000$request_uri; proxy_set_header Connection "upgrade";
} proxy_set_header Host $http_host;
location ^~ /.well-known/acme-challenge/ { proxy_pass http://localhost:4000;
allow all;
root /var/lib/letsencrypt/;
default_type "text/plain";
try_files $uri =404;
}
client_max_body_size 16m;
}
location /proxy {
proxy_cache pleroma_media_cache;
proxy_cache_lock on;
proxy_ignore_client_abort on;
proxy_pass http://localhost:4000;
}
proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=10g
inactive=720m use_temp_path=off;
...@@ -92,6 +92,8 @@ useradd $app --home-dir=$final_path ...@@ -92,6 +92,8 @@ useradd $app --home-dir=$final_path
git clone https://git.pleroma.social/pleroma/pleroma $final_path/pleroma git clone https://git.pleroma.social/pleroma/pleroma $final_path/pleroma
# replace the generate_config file with a modified one to have it non-interactive # replace the generate_config file with a modified one to have it non-interactive
# There's a merge comming in Pleroma that makes it all non-interactive
# https://git.pleroma.social/pleroma/pleroma/merge_requests/243
cp ../conf/generate_config.ex $final_path/pleroma/lib/mix/tasks/generate_config.ex cp ../conf/generate_config.ex $final_path/pleroma/lib/mix/tasks/generate_config.ex
chown -R $app: $final_path chown -R $app: $final_path
...@@ -138,8 +140,9 @@ su - $app -c "cd $final_path/pleroma;mix local.rebar --force;mix local.hex --for ...@@ -138,8 +140,9 @@ su - $app -c "cd $final_path/pleroma;mix local.rebar --force;mix local.hex --for
#================================================= #=================================================
# NGINX CONFIGURATION # NGINX CONFIGURATION
#================================================= #=================================================
# TODO set up media cache. See pleroma/installation/pleroma.nginx
cp -rf "../conf/nginx.conf" "/etc/nginx/conf.d/$domain.d/$app.conf" cp -rf "../conf/nginx.conf" "/etc/nginx/conf.d/$domain.d/$app.conf"
cp -rf "../conf/pleroma_cache.conf" "/etc/nginx/conf.d/pleroma_cache.conf"
ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf" ynh_store_file_checksum "/etc/nginx/conf.d/$domain.d/$app.conf"
#================================================= #=================================================
......
...@@ -75,6 +75,7 @@ ynh_secure_remove "$final_path" ...@@ -75,6 +75,7 @@ ynh_secure_remove "$final_path"
#================================================= #=================================================
ynh_remove_nginx_config ynh_remove_nginx_config
rm /etc/nginx/conf.d/pleroma_cache.conf
#================================================= #=================================================
# REMOVE LOGROTATE CONFIGURATION # REMOVE LOGROTATE CONFIGURATION
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment