Home Verkennen Help
Inloggen
strysg
/
acreditacion-industrial-umsa-web
Volgen 1
Ster 0
Vork 0
Bestanden Kwesties 0 Pull-aanvragen 0 Wiki
Aftakking: master
Aftakkingen Labels
acreditacion...
/
deploy
/
nginx.conf.template

nginx.conf.template 2.3 KB
Permalink Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657 
  1. 

  2. upstream %(proj_name)s {
    3. 

  3.     server unix:%(proj_path)s/gunicorn.sock fail_timeout=0;
    4. 

  4. }
    5. 

  5. 

  6. server {
    7. 

  7. 

  8.     listen 80;
    9. 

  9.     %(ssl_disabled)s listen 443 ssl;
    10. 

  10.     server_name %(domains_nginx)s;
    11. 

  11.     client_max_body_size 10M;
    12. 

  12.     keepalive_timeout    15;
    13. 

  13.     error_log /home/%(user)s/logs/%(proj_name)s_error_nginx.log info;
    14. 

  14. 

  15.     %(ssl_disabled)s ssl_certificate      conf/%(proj_name)s.crt;
    16. 

  16.     %(ssl_disabled)s ssl_certificate_key  conf/%(proj_name)s.key;
    17. 

  17.     %(ssl_disabled)s ssl_session_cache    shared:SSL:10m;
    18. 

  18.     %(ssl_disabled)s ssl_session_timeout  10m;
    19. 

  19.     %(ssl_disabled)s ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA;
    20. 

  20.     %(ssl_disabled)s ssl_prefer_server_ciphers on;
    21. 

  21.     %(ssl_disabled)s ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
    22. 

  22. 

  23.     # Deny illegal Host headers
    24. 

  24.     if ($host !~* ^(%(domains_regex)s)$) {
    25. 

  25.         return 444;
    26. 

  26.     }
    27. 

  27. 

  28.     location / {
    29. 

  29.         proxy_redirect      off;
    30. 

  30.         proxy_set_header    Host                    $host;
    31. 

  31.         proxy_set_header    X-Real-IP               $remote_addr;
    32. 

  32.         proxy_set_header    X-Forwarded-For         $proxy_add_x_forwarded_for;
    33. 

  33.         proxy_set_header    X-Forwarded-Protocol    $scheme;
    34. 

  34.         proxy_pass          http://%(proj_name)s;
    35. 

  35.     }
    36. 

  36. 

  37.     location /static/ {
    38. 

  38.         root            %(proj_path)s;
    39. 

  39.         access_log      off;
    40. 

  40.         log_not_found   off;
    41. 

  41.         expires 30d;
    42. 

  42.     }
    43. 

  43. 

  44.     location /robots.txt {
    45. 

  45.         root            %(proj_path)s/static;
    46. 

  46.         access_log      off;
    47. 

  47.         log_not_found   off;
    48. 

  48.     }
    49. 

  49. 

  50.     location /favicon.ico {
    51. 

  51.         root            %(proj_path)s/static/img;
    52. 

  52.         access_log      off;
    53. 

  53.         log_not_found   off;
    54. 

  54.     }
    55. 

  55. 

  56. }
    57. 

  57.