free
/
freedombone
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Pleroma nginx settings

Bob Mottram 7 years ago
parent
d182a363b6
commit
3b1940c1f9
1 changed files with 40 additions and 28 deletions
Unified View Show Diff Stats
  1. 40
    28
      src/freedombone-app-pleroma

+ 40
- 28
src/freedombone-app-pleroma View File

1020 
         function_check nginx_http_redirect
 1020 
         function_check nginx_http_redirect
1021 
         nginx_http_redirect "$PLEROMA_DOMAIN_NAME" "index index.html"
 1021 
         nginx_http_redirect "$PLEROMA_DOMAIN_NAME" "index index.html"
1022 
         { echo '';
 1022 
         { echo '';
1023 
-        echo 'proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=100m inactive=80m use_temp_path=off;';
1024 
-        echo '';
1025 
-        echo 'server {';
1026 
-        echo '  listen 443 ssl http2;';
1027 
-        echo '  #listen [::]:443 ssl http2;';
1028 
-        echo "  server_name $PLEROMA_DOMAIN_NAME;";
1029 
-        echo ''; } >> "$pleroma_nginx_site"
1030 
-        function_check nginx_compress
1031 
-        nginx_compress "$PLEROMA_DOMAIN_NAME"
1032 
-        echo '' >> "$pleroma_nginx_site"
1033 
-        echo '  # Security' >> "$pleroma_nginx_site"
1023 
+          echo 'proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=100m inactive=80m use_temp_path=off;';
1024 
+          echo '';
1025 
+          echo 'server {';
1026 
+          echo '  listen 443 ssl http2;';
1027 
+          echo '  #listen [::]:443 ssl http2;';
1028 
+          echo "  server_name $PLEROMA_DOMAIN_NAME;";
1029 
+          echo '';
1030 
+          echo '  # Security'; } >> "$pleroma_nginx_site"
1034 
         function_check nginx_ssl
 1031 
         function_check nginx_ssl
1035 
         nginx_ssl "$PLEROMA_DOMAIN_NAME"
 1032 
         nginx_ssl "$PLEROMA_DOMAIN_NAME"
1036
1033
1054 
           echo '  gzip_http_version 1.1;';
 1051 
           echo '  gzip_http_version 1.1;';
1055 
           echo '  gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/activity+json application/atom+xml;';
 1052 
           echo '  gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/activity+json application/atom+xml;';
1056 
           echo '';
 1053 
           echo '';
1057 
-          echo '  location / {'; } >> "$pleroma_nginx_site"
1058 
-        function_check nginx_limits
1059 
-        nginx_limits "$PLEROMA_DOMAIN_NAME" '15m'
1060 
-        { echo "    add_header 'Access-Control-Allow-Origin' '*';";
1054 
+          echo '  location / {';
1055 
+          echo '    client_max_body_size 15m;';
1056 
+          echo '    client_body_buffer_size 15m;';
1057 
+          echo '';
1058 
+          echo '    limit_conn conn_limit_per_ip 50;';
1059 
+          echo '    limit_req zone=req_limit_per_ip burst=50 nodelay;';
1060 
+          echo '';
1061 
+          echo "    add_header 'Access-Control-Allow-Origin' '*';";
1061 
           echo '    proxy_http_version 1.1;';
 1062 
           echo '    proxy_http_version 1.1;';
1062 
           echo "    proxy_set_header Upgrade \$http_upgrade;";
 1063 
           echo "    proxy_set_header Upgrade \$http_upgrade;";
1063 
           echo '    proxy_set_header Connection "upgrade";';
 1064 
           echo '    proxy_set_header Connection "upgrade";';
1066 
           echo "    proxy_pass http://localhost:$PLEROMA_PORT;";
 1067 
           echo "    proxy_pass http://localhost:$PLEROMA_PORT;";
1067 
           echo '  }';
 1068 
           echo '  }';
1068 
           echo '';
 1069 
           echo '';
1069 
-          echo '  location /proxy {'; } >> "$pleroma_nginx_site"
1070 
-        nginx_limits "$PLEROMA_DOMAIN_NAME" '15m'
1071 
-        { echo '    proxy_cache pleroma_media_cache;';
1070 
+          echo '  location /proxy {';
1071 
+          echo '    client_max_body_size 15m;';
1072 
+          echo '    client_body_buffer_size 15m;';
1073 
+          echo '';
1074 
+          echo '    limit_conn conn_limit_per_ip 50;';
1075 
+          echo '    limit_req zone=req_limit_per_ip burst=50 nodelay;';
1076 
+          echo '';
1077 
+          echo '    proxy_cache pleroma_media_cache;';
1072 
           echo '    proxy_cache_lock on;';
 1078 
           echo '    proxy_cache_lock on;';
1073 
           echo "    proxy_pass http://localhost:$PLEROMA_PORT;";
 1079 
           echo "    proxy_pass http://localhost:$PLEROMA_PORT;";
1074 
           echo '  }';
 1080 
           echo '  }';
1082 
       echo "    listen 127.0.0.1:$PLEROMA_ONION_PORT default_server http2;";
 1088 
       echo "    listen 127.0.0.1:$PLEROMA_ONION_PORT default_server http2;";
1083 
       echo "    server_name $PLEROMA_ONION_HOSTNAME;";
 1089 
       echo "    server_name $PLEROMA_ONION_HOSTNAME;";
1084 
       echo ''; } >> "$pleroma_nginx_site"
 1090 
       echo ''; } >> "$pleroma_nginx_site"
1085 
-    function_check nginx_compress
1086 
-    nginx_compress "$PLEROMA_DOMAIN_NAME"
1087 
-    echo '' >> "$pleroma_nginx_site"
1088 
     function_check nginx_security_options
 1091 
     function_check nginx_security_options
1089 
     nginx_security_options "$PLEROMA_DOMAIN_NAME"
 1092 
     nginx_security_options "$PLEROMA_DOMAIN_NAME"
1090 
     { echo '';
 1093 
     { echo '';
1103 
       echo '  gzip_http_version 1.1;';
 1106 
       echo '  gzip_http_version 1.1;';
1104 
       echo '  gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/activity+json application/atom+xml;';
 1107 
       echo '  gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/activity+json application/atom+xml;';
1105 
       echo '';
 1108 
       echo '';
1106 
-      echo '  location / {'; } >> "$pleroma_nginx_site"
1107 
-    function_check nginx_limits
1108 
-    nginx_limits "$PLEROMA_DOMAIN_NAME" '15m'
1109 
-    { echo "      add_header 'Access-Control-Allow-Origin' '*';";
1109 
+      echo '  location / {';
1110 
+      echo '    client_max_body_size 15m;';
1111 
+      echo '    client_body_buffer_size 15m;';
1112 
+      echo '';
1113 
+      echo '    limit_conn conn_limit_per_ip 50;';
1114 
+      echo '    limit_req zone=req_limit_per_ip burst=50 nodelay;';
1115 
+      echo '';
1116 
+      echo "      add_header 'Access-Control-Allow-Origin' '*';";
1110 
       echo '      proxy_http_version 1.1;';
 1117 
       echo '      proxy_http_version 1.1;';
1111 
       echo "      proxy_set_header Upgrade \$http_upgrade;";
 1118 
       echo "      proxy_set_header Upgrade \$http_upgrade;";
1112 
       echo '      proxy_set_header Connection "upgrade";';
 1119 
       echo '      proxy_set_header Connection "upgrade";';
1115 
       echo "      proxy_pass http://localhost:$PLEROMA_PORT;";
 1122 
       echo "      proxy_pass http://localhost:$PLEROMA_PORT;";
1116 
       echo '  }';
 1123 
       echo '  }';
1117 
       echo '';
 1124 
       echo '';
1118 
-      echo '  location /proxy {'; } >> "$pleroma_nginx_site"
1119 
-    nginx_limits "$PLEROMA_DOMAIN_NAME" '15m'
1120 
-    { echo '    proxy_cache pleroma_media_cache;';
1125 
+      echo '  location /proxy {';
1126 
+      echo '    client_max_body_size 15m;';
1127 
+      echo '    client_body_buffer_size 15m;';
1128 
+      echo '';
1129 
+      echo '    limit_conn conn_limit_per_ip 50;';
1130 
+      echo '    limit_req zone=req_limit_per_ip burst=50 nodelay;';
1131 
+      echo '';
1132 
+      echo '    proxy_cache pleroma_media_cache;';
1121 
       echo '    proxy_cache_lock on;';
 1133 
       echo '    proxy_cache_lock on;';
1122 
       echo "    proxy_pass http://localhost:$PLEROMA_PORT;";
 1134 
       echo "    proxy_pass http://localhost:$PLEROMA_PORT;";
1123 
       echo '  }';
 1135 
       echo '  }';