53 lines
No EOL
1.4 KiB
Django/Jinja
53 lines
No EOL
1.4 KiB
Django/Jinja
server {
|
|
listen 443 ssl http2;
|
|
listen [::]:443 ssl http2;
|
|
|
|
server_name {{ movim.domain }};
|
|
ssl_certificate /etc/letsencrypt/live/{{ movim.domain }}/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/{{ movim.domain }}/privkey.pem;
|
|
ssl_protocols TLSv1.2 TLSv1.3;
|
|
ssl_ciphers HIGH:!aNULL:!MD5;
|
|
|
|
# Where Movim public directory is setup
|
|
root {{ movim.path }}/public;
|
|
|
|
index index.php;
|
|
|
|
# Ask nginx to cache every URL starting with "/picture"
|
|
location /picture {
|
|
set $no_cache 0; # Enable cache only there
|
|
try_files $uri $uri/ /index.php$is_args$args;
|
|
}
|
|
|
|
location / {
|
|
set $no_cache 1;
|
|
try_files $uri $uri/ /index.php$is_args$args;
|
|
}
|
|
|
|
location ~ \.php$ {
|
|
add_header X-Cache $upstream_cache_status;
|
|
|
|
fastcgi_pass unix:/run/php/php8.2-fpm.sock;
|
|
fastcgi_ignore_headers "Cache-Control" "Expires" "Set-Cookie";
|
|
fastcgi_cache_valid any 7d;
|
|
fastcgi_cache_bypass $no_cache;
|
|
fastcgi_no_cache $no_cache;
|
|
|
|
# Pass everything to PHP FastCGI, at the discretion of the administrator
|
|
include fastcgi.conf;
|
|
}
|
|
|
|
location /ws/ {
|
|
proxy_pass http://127.0.0.1:8080/;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "Upgrade";
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto https;
|
|
proxy_redirect off;
|
|
proxy_read_timeout 1800s;
|
|
proxy_send_timeout 1800s;
|
|
}
|
|
} |