This repository has been archived by the owner on Jan 30, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 81
/
nginx.conf.j2
85 lines (72 loc) · 3.05 KB
/
nginx.conf.j2
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
# TODO: Support IPv6.
# TODO: Configure SSL certificates.
# TODO: Maybe serve multiple `location`s, not just one.
{% if ansible_os_family == "RedHat" %}
# The "nginx" package on fedora creates this user and group.
user nginx nginx;
{% endif %}
# Gunicorn docs suggest this value.
worker_processes 1;
events {
worker_connections 1024; # increase if you have lots of clients
accept_mutex off; # set to 'on' if nginx worker_processes > 1
}
http {
include mime.types;
# fallback in case we can't determine a type
default_type application/octet-stream;
sendfile on;
# If left at the default of 1024, nginx emits a warning about being unable
# to build optimal hash types.
types_hash_max_size 4096;
upstream pulp {
server {{ pulp_api_host }}:{{ pulp_api_port }};
server {{ pulp_content_host }}:{{ pulp_content_port }};
}
server {
# Gunicorn docs suggest the use of the "deferred" directive on Linux.
listen 80 default_server deferred;
server_name $hostname;
# The default client_max_body_size is 1m. Clients uploading
# files larger than this will need to chunk said files.
# Gunicorn docs suggest this value.
keepalive_timeout 5;
# Path to Pulp's static files.
root {{ pulp_webserver_static_dir }};
location /pulp/content/ {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
# we don't want nginx trying to do something clever with
# redirects, we set the Host: header above already.
proxy_redirect off;
proxy_pass http://{{ pulp_content_host }}:{{ pulp_content_port }};
}
location /pulp/api/v3/ {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
# we don't want nginx trying to do something clever with
# redirects, we set the Host: header above already.
proxy_redirect off;
proxy_pass http://{{ pulp_api_host }}:{{ pulp_api_port }};
}
location / {
# checks for static file, if not found proxy to app
try_files $uri @proxy_to_app;
}
location @proxy_to_app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
# we don't want nginx trying to do something clever with
# redirects, we set the Host: header above already.
proxy_redirect off;
proxy_pass http://pulp;
# This routes to both the pulpcore-content and the pulpcore-api
# as if they are one service because both services allow for
# plugin writers to configure arbitrary url handlers.
proxy_next_upstream http_404; # Try the other service upon 404
}
}
}