|
|
@@ -1020,17 +1020,14 @@ function install_pleroma {
|
|
1020
|
1020
|
function_check nginx_http_redirect
|
|
1021
|
1021
|
nginx_http_redirect "$PLEROMA_DOMAIN_NAME" "index index.html"
|
|
1022
|
1022
|
{ echo '';
|
|
1023
|
|
- echo 'proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=100m inactive=80m use_temp_path=off;';
|
|
1024
|
|
- echo '';
|
|
1025
|
|
- echo 'server {';
|
|
1026
|
|
- echo ' listen 443 ssl http2;';
|
|
1027
|
|
- echo ' #listen [::]:443 ssl http2;';
|
|
1028
|
|
- echo " server_name $PLEROMA_DOMAIN_NAME;";
|
|
1029
|
|
- echo ''; } >> "$pleroma_nginx_site"
|
|
1030
|
|
- function_check nginx_compress
|
|
1031
|
|
- nginx_compress "$PLEROMA_DOMAIN_NAME"
|
|
1032
|
|
- echo '' >> "$pleroma_nginx_site"
|
|
1033
|
|
- echo ' # Security' >> "$pleroma_nginx_site"
|
|
|
1023
|
+ echo 'proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=100m inactive=80m use_temp_path=off;';
|
|
|
1024
|
+ echo '';
|
|
|
1025
|
+ echo 'server {';
|
|
|
1026
|
+ echo ' listen 443 ssl http2;';
|
|
|
1027
|
+ echo ' #listen [::]:443 ssl http2;';
|
|
|
1028
|
+ echo " server_name $PLEROMA_DOMAIN_NAME;";
|
|
|
1029
|
+ echo '';
|
|
|
1030
|
+ echo ' # Security'; } >> "$pleroma_nginx_site"
|
|
1034
|
1031
|
function_check nginx_ssl
|
|
1035
|
1032
|
nginx_ssl "$PLEROMA_DOMAIN_NAME"
|
|
1036
|
1033
|
|
|
|
@@ -1054,10 +1051,14 @@ function install_pleroma {
|
|
1054
|
1051
|
echo ' gzip_http_version 1.1;';
|
|
1055
|
1052
|
echo ' gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/activity+json application/atom+xml;';
|
|
1056
|
1053
|
echo '';
|
|
1057
|
|
- echo ' location / {'; } >> "$pleroma_nginx_site"
|
|
1058
|
|
- function_check nginx_limits
|
|
1059
|
|
- nginx_limits "$PLEROMA_DOMAIN_NAME" '15m'
|
|
1060
|
|
- { echo " add_header 'Access-Control-Allow-Origin' '*';";
|
|
|
1054
|
+ echo ' location / {';
|
|
|
1055
|
+ echo ' client_max_body_size 15m;';
|
|
|
1056
|
+ echo ' client_body_buffer_size 15m;';
|
|
|
1057
|
+ echo '';
|
|
|
1058
|
+ echo ' limit_conn conn_limit_per_ip 50;';
|
|
|
1059
|
+ echo ' limit_req zone=req_limit_per_ip burst=50 nodelay;';
|
|
|
1060
|
+ echo '';
|
|
|
1061
|
+ echo " add_header 'Access-Control-Allow-Origin' '*';";
|
|
1061
|
1062
|
echo ' proxy_http_version 1.1;';
|
|
1062
|
1063
|
echo " proxy_set_header Upgrade \$http_upgrade;";
|
|
1063
|
1064
|
echo ' proxy_set_header Connection "upgrade";';
|
|
|
@@ -1066,9 +1067,14 @@ function install_pleroma {
|
|
1066
|
1067
|
echo " proxy_pass http://localhost:$PLEROMA_PORT;";
|
|
1067
|
1068
|
echo ' }';
|
|
1068
|
1069
|
echo '';
|
|
1069
|
|
- echo ' location /proxy {'; } >> "$pleroma_nginx_site"
|
|
1070
|
|
- nginx_limits "$PLEROMA_DOMAIN_NAME" '15m'
|
|
1071
|
|
- { echo ' proxy_cache pleroma_media_cache;';
|
|
|
1070
|
+ echo ' location /proxy {';
|
|
|
1071
|
+ echo ' client_max_body_size 15m;';
|
|
|
1072
|
+ echo ' client_body_buffer_size 15m;';
|
|
|
1073
|
+ echo '';
|
|
|
1074
|
+ echo ' limit_conn conn_limit_per_ip 50;';
|
|
|
1075
|
+ echo ' limit_req zone=req_limit_per_ip burst=50 nodelay;';
|
|
|
1076
|
+ echo '';
|
|
|
1077
|
+ echo ' proxy_cache pleroma_media_cache;';
|
|
1072
|
1078
|
echo ' proxy_cache_lock on;';
|
|
1073
|
1079
|
echo " proxy_pass http://localhost:$PLEROMA_PORT;";
|
|
1074
|
1080
|
echo ' }';
|
|
|
@@ -1082,9 +1088,6 @@ function install_pleroma {
|
|
1082
|
1088
|
echo " listen 127.0.0.1:$PLEROMA_ONION_PORT default_server http2;";
|
|
1083
|
1089
|
echo " server_name $PLEROMA_ONION_HOSTNAME;";
|
|
1084
|
1090
|
echo ''; } >> "$pleroma_nginx_site"
|
|
1085
|
|
- function_check nginx_compress
|
|
1086
|
|
- nginx_compress "$PLEROMA_DOMAIN_NAME"
|
|
1087
|
|
- echo '' >> "$pleroma_nginx_site"
|
|
1088
|
1091
|
function_check nginx_security_options
|
|
1089
|
1092
|
nginx_security_options "$PLEROMA_DOMAIN_NAME"
|
|
1090
|
1093
|
{ echo '';
|
|
|
@@ -1103,10 +1106,14 @@ function install_pleroma {
|
|
1103
|
1106
|
echo ' gzip_http_version 1.1;';
|
|
1104
|
1107
|
echo ' gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/activity+json application/atom+xml;';
|
|
1105
|
1108
|
echo '';
|
|
1106
|
|
- echo ' location / {'; } >> "$pleroma_nginx_site"
|
|
1107
|
|
- function_check nginx_limits
|
|
1108
|
|
- nginx_limits "$PLEROMA_DOMAIN_NAME" '15m'
|
|
1109
|
|
- { echo " add_header 'Access-Control-Allow-Origin' '*';";
|
|
|
1109
|
+ echo ' location / {';
|
|
|
1110
|
+ echo ' client_max_body_size 15m;';
|
|
|
1111
|
+ echo ' client_body_buffer_size 15m;';
|
|
|
1112
|
+ echo '';
|
|
|
1113
|
+ echo ' limit_conn conn_limit_per_ip 50;';
|
|
|
1114
|
+ echo ' limit_req zone=req_limit_per_ip burst=50 nodelay;';
|
|
|
1115
|
+ echo '';
|
|
|
1116
|
+ echo " add_header 'Access-Control-Allow-Origin' '*';";
|
|
1110
|
1117
|
echo ' proxy_http_version 1.1;';
|
|
1111
|
1118
|
echo " proxy_set_header Upgrade \$http_upgrade;";
|
|
1112
|
1119
|
echo ' proxy_set_header Connection "upgrade";';
|
|
|
@@ -1115,9 +1122,14 @@ function install_pleroma {
|
|
1115
|
1122
|
echo " proxy_pass http://localhost:$PLEROMA_PORT;";
|
|
1116
|
1123
|
echo ' }';
|
|
1117
|
1124
|
echo '';
|
|
1118
|
|
- echo ' location /proxy {'; } >> "$pleroma_nginx_site"
|
|
1119
|
|
- nginx_limits "$PLEROMA_DOMAIN_NAME" '15m'
|
|
1120
|
|
- { echo ' proxy_cache pleroma_media_cache;';
|
|
|
1125
|
+ echo ' location /proxy {';
|
|
|
1126
|
+ echo ' client_max_body_size 15m;';
|
|
|
1127
|
+ echo ' client_body_buffer_size 15m;';
|
|
|
1128
|
+ echo '';
|
|
|
1129
|
+ echo ' limit_conn conn_limit_per_ip 50;';
|
|
|
1130
|
+ echo ' limit_req zone=req_limit_per_ip burst=50 nodelay;';
|
|
|
1131
|
+ echo '';
|
|
|
1132
|
+ echo ' proxy_cache pleroma_media_cache;';
|
|
1121
|
1133
|
echo ' proxy_cache_lock on;';
|
|
1122
|
1134
|
echo " proxy_pass http://localhost:$PLEROMA_PORT;";
|
|
1123
|
1135
|
echo ' }';
|
Bob Mottram
7 年之前