summaryrefslogtreecommitdiff
path: root/sto-tug-kvm2.swamid.se/overlay/opt/flog/nginx/sites-enabled
diff options
context:
space:
mode:
Diffstat (limited to 'sto-tug-kvm2.swamid.se/overlay/opt/flog/nginx/sites-enabled')
-rw-r--r--sto-tug-kvm2.swamid.se/overlay/opt/flog/nginx/sites-enabled/flog51
1 files changed, 51 insertions, 0 deletions
diff --git a/sto-tug-kvm2.swamid.se/overlay/opt/flog/nginx/sites-enabled/flog b/sto-tug-kvm2.swamid.se/overlay/opt/flog/nginx/sites-enabled/flog
new file mode 100644
index 0000000..93697cf
--- /dev/null
+++ b/sto-tug-kvm2.swamid.se/overlay/opt/flog/nginx/sites-enabled/flog
@@ -0,0 +1,51 @@
+# the upstream component nginx needs to connect to
+upstream django {
+ #server unix:///var/django/flog/flog/flog.sock; # for a file socket
+ server flog_app.docker:8000;
+}
+
+server {
+ # http://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html
+ if ($http_transfer_encoding ~* chunked) {
+ return 444;
+ }
+
+ #listen 192.36.125.10:80;
+ listen 80;
+ #listen [2001:6b0:7::10]:80 ipv6only=on default_server;
+ listen [::]:80 ipv6only=on default_server;
+ #listen 192.36.125.10:443 ssl;
+ listen 443 ssl;
+ #listen [2001:6b0:7::10]:443 ssl ipv6only=on default_server;
+ listen [::]:443 ssl ipv6only=on default_server;
+
+ server_name flog.sunet.se;
+ charset utf-8;
+
+ ssl_certificate /etc/nginx/certs/flog.sunet.se.chained.pem;
+ ssl_certificate_key /etc/nginx/certs/flog.sunet.se.key;
+ # PFS settings from http://people.adams.edu/~cdmiller/posts/NSA_SSL_settings_for_nginx_and_apache/
+ # NOTE: these settings exclude Win XP with IE 6
+ #
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_prefer_server_ciphers on;
+ ssl_ciphers DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DES-CBC3-SHA:!ADH:!aNULL;
+
+ # max upload size
+ client_max_body_size 75M; # adjust to taste
+
+ # serve directly - analogous for static/staticfiles
+ #location /static/ { # STATIC_URL
+ # alias /var/django/flog/collectedfiles/; # STATIC_ROOT
+ # expires 30d;
+ #}
+
+ # Finally, send all non-media requests to the Django server.
+ location / {
+ uwsgi_pass django;
+ uwsgi_read_timeout 500;
+ include /etc/nginx/uwsgi_params;
+ proxy_buffering off;
+ }
+}
+
generated by cgit v1.1 at 2025-01-19 10:52:43 +0000