-
Notifications
You must be signed in to change notification settings - Fork 40
/
nginx.conf.j2
214 lines (189 loc) · 7.54 KB
/
nginx.conf.j2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
user {{ galaxy_user_name }};
worker_processes 1;
daemon off;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
uwsgi_buffers 8 16384;
uwsgi_buffer_size 16384;
underscores_in_headers on;
sendfile on;
keepalive_timeout 600;
types_hash_max_size 2048;
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
client_max_body_size 50g;
uwsgi_read_timeout 300;
{% if not galaxy_uwsgi %}
upstream galaxy_web_app {
server localhost:8080;
}
{% endif %}
server {
listen 80;
{% if galaxy_extras_config_ssl %}
rewrite ^ https://$host$request_uri permanent;
}
server {
listen 443 default ssl;
ssl_certificate {{ nginx_ssl_certificate }};
ssl_certificate_key {{ nginx_ssl_certificate_key }};
{% endif %}
{% if nginx_use_passwords %}
auth_basic "devbox";
auth_basic_user_file /etc/nginx/htpasswd;
{% endif %}
{% if nginx_proxy_reports %}
# enable reports under :80/reports/
location {{ nginx_reports_location }}/ {
# include authentification settings if enabled
include {{ nginx_conf_directory }}/reports_auth.conf;
proxy_pass http://127.0.0.1:{{ galaxy_reports_port }}/;
}
# serve static content for report app
location {{ nginx_reports_location }}/static {
alias {{ galaxy_server_dir }}/static;
gzip on;
gzip_types text/plain text/xml text/javascript text/css application/x-javascript;
expires 24h;
}
location {{ nginx_reports_location }}/static/style {
alias {{ galaxy_server_dir }}/static/style/blue;
gzip on;
gzip_types text/plain text/xml text/javascript text/css application/x-javascript;
expires 24h;
}
location {{ nginx_reports_location }}/static/scripts {
alias {{ galaxy_server_dir }}/static/scripts;
gzip on;
gzip_types text/plain text/javascript application/x-javascript;
expires 24h;
}
{% endif %}
# pass to uWSGI by default
{% if galaxy_uwsgi %}
include {{ nginx_conf_directory }}/uwsgi.conf;
{% else %}
include {{ nginx_conf_directory }}/galaxy_web.conf;
{% endif %}
{% if galaxy_extras_config_ssl_method == 'letsencrypt' %}
include {{ nginx_conf_directory }}/letsencrypt.conf;
{% endif %}
{% for a in nginx_additional_config %}
include {{ nginx_conf_directory }}/{{ a }}.conf;
{% endfor %}
{% if nginx_serve_planemo_machine_web %}
location {{ nginx_planemo_web_location }} {
alias {{ planemo_machine_web_dir }};
}
{% endif %}
# serve static content
location {{ nginx_galaxy_location }}/static {
alias {{ galaxy_server_dir }}/static;
gzip on;
gzip_types text/plain text/xml text/javascript text/css application/x-javascript;
expires 24h;
}
location {{ nginx_galaxy_location }}/static/style {
alias {{ galaxy_server_dir }}/static/style;
gzip on;
gzip_types text/plain text/xml text/javascript text/css application/x-javascript;
expires 24h;
}
location {{ nginx_galaxy_location }}/static/scripts {
alias {{ galaxy_server_dir }}/static/scripts;
gzip on;
gzip_types text/plain text/javascript application/x-javascript;
expires 24h;
}
location /favicon.ico {
alias {{ galaxy_server_dir }}/static/favicon.ico;
}
# delegated downloads
location /_x_accel_redirect/ {
internal;
alias /;
}
# this is needed if 'welcome_url' is set to /etc/galaxy/web
location {{ nginx_welcome_location }} {
alias {{ nginx_welcome_path }};
gzip on;
gzip_types text/plain text/xml text/javascript text/css application/x-javascript;
expires 24h;
}
location {{ nginx_interactive_environment_location }} {
proxy_pass http://localhost:8800/{{ nginx_interactive_environment_location }};
proxy_redirect off;
}
# IPython specific. Other IEs may require their own routes.
# For older IPython versions
location ~ ^{{ nginx_interactive_environment_location }}/jupyter/(?<nbtype>[^/]+)/api/kernels(?<rest>.*?)$ {
proxy_pass http://localhost:8800/{{ nginx_interactive_environment_location }}/jupyter/$nbtype/api/kernels$rest;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
# IPython specific. Other IEs may require their own routes.
# Newer version of IPython - please note the "kernelspecs" change
location ~ ^{{ nginx_interactive_environment_location }}/jupyter/(?<nbtype>[^/]+)/api/kernelspecs(?<rest>.*?)$ {
proxy_pass http://localhost:8800/{{ nginx_interactive_environment_location }}/jupyter/$nbtype/api/kernelspecs$rest;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location ~ ^{{ nginx_galaxy_location }}/plugins/(?<plug_type>.+?)/(?<vis_name>.+?)/static/(?<static_file>.*?)$ {
alias {{ galaxy_server_dir }}/config/plugins/$plug_type/$vis_name/static/$static_file;
}
{% if galaxy_extras_config_nginx_upload == True %}
# delegated uploads
location {{ nginx_galaxy_location }}/_upload {
upload_store {{ nginx_upload_store_path }};
upload_store_access user:rw;
upload_pass_form_field "";
upload_set_form_field "__${upload_field_name}__is_composite" "true";
upload_set_form_field "__${upload_field_name}__keys" "name path";
upload_set_form_field "${upload_field_name}_name" "$upload_file_name";
upload_set_form_field "${upload_field_name}_path" "$upload_tmp_path";
upload_pass_args on;
upload_pass {{ nginx_galaxy_location }}/_upload_done;
}
location {{ nginx_galaxy_location }}/_upload_done {
set $dst {{ nginx_galaxy_location }}/api/tools;
if ($args ~ nginx_redir=([^&]+)) {
set $dst $1;
}
rewrite "" $dst;
}
{% endif %}
{% if nginx_use_passwords %}
location /api {
auth_basic off;
proxy_pass http://galaxy_web_app/api;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
{% if galaxy_admin_user is defined and galaxy_admin_user %}
# hard-code a fixed user to pass to Galaxy to auto-login
proxy_set_header REMOTE_USER '{{ galaxy_admin_user }}';
{% endif %}
}
{% endif %}
# error docs
error_page 502 503 504 {{ nginx_prefix_location }}/error/502/index.shtml;
error_page 413 {{ nginx_prefix_location }}/error/413/index.html;
error_page 500 {{ nginx_prefix_location }}/error/500/index.html;
location {{ nginx_prefix_location }}/error {
ssi on;
alias {{ galaxy_errordocs_dest }};
}
}
}