-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathchlambase_nginx.conf
98 lines (81 loc) · 3.07 KB
/
chlambase_nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
# the upstream component nginx needs to connect to
upstream django {
#server unix:///home/ubuntu/mysite/mysite.sock; # for a file socket
server 127.0.0.1:8001; # for a web port socket (we'll use this first)
}
# Expires map
map $sent_http_content_type $expires {
default off;
text/html max;
text/css max;
application/javascript 604800;
~image/ max;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name *.chlambase.org chlambase.org;
return 301 https://$host$request_uri;
#rewrite ^ https://$host$request_uri? permanent;
}
# configuration of the server
server {
#gzip compression
gzip on;
gzip_min_length 20;
gzip_proxied any;
gzip_types *;
gzip_vary on;
# the port your site will be served on
#listen 80;
# the domain name it will serve for
# server_name 13.58.104.209; # substitute your machine's IP address or FQDN
server_name *.chlambase.org chlambase.org;
charset utf-8;
# max upload size
client_max_body_size 75M; # adjust to taste
# Django media
location /media {
alias /home/ubuntu/cb_production/wiki/media; # your Django project's media files - amend as required
}
location /static {
alias /home/ubuntu/cb_production/wiki/static; # your Django project's static files - amend as required
}
location /expasy/ {
proxy_pass https://enzyme.expasy.org:443/;
proxy_redirect off;
proxy_ssl_session_reuse off;
}
location /efetch {
resolver 8.8.8.8;
proxy_pass https://eutils.ncbi.nlm.nih.gov/entrez/eutils/efetch.fcgi$is_args$args;
proxy_redirect off;
proxy_ssl_session_reuse off;
}
# Finally, send all non-media requests to the Django server.
location / {
#add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
#add_header "Vary" "Origin";
# CORS header
#if ($request_method ~* "(GET|POST)") {
# add_header "Access-Control-Allow-Origin" *;
#}
# Preflighted requests
#if ($request_method = OPTIONS ) {
# add_header "Access-Control-Allow-Origin" *;
# add_header "Access-Control-Allow-Methods" "GET, POST, OPTIONS, HEAD";
# add_header "Access-Control-Allow-Headers" "Authorization, Origin, X-Requested-With, Content-Type, Accept";
# return 200;
#}
uwsgi_pass django;
include /home/ubuntu/cb_production/uwsgi_params; # the uwsgi_params file you installed
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/chlambase.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/chlambase.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
# for browser caching
expires $expires;
}