|
|
|
@ -22,69 +22,69 @@ upstream puma_ikea { |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# # https |
|
|
|
# server { |
|
|
|
# listen 443 ssl http2; |
|
|
|
# server_name ikea-foundation-week-2024.onc.dk; |
|
|
|
# |
|
|
|
# # keepalive_timeout 300; |
|
|
|
# keepalive_timeout 5; |
|
|
|
# client_max_body_size 4G; |
|
|
|
# |
|
|
|
# ssl_certificate /etc/letsencrypt/live/ikea-foundation-week-2024.onc.dk/fullchain.pem; # managed by Certbot |
|
|
|
# ssl_certificate_key /etc/letsencrypt/live/ikea-foundation-week-2024.onc.dk/privkey.pem; # managed by Certbot |
|
|
|
# include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot |
|
|
|
# ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot |
|
|
|
# |
|
|
|
# access_log /home/ikea_foundation/week_2024/log/httpd-access.log; |
|
|
|
# error_log /home/ikea_foundation/week_2024/log/httpd-errors.log; |
|
|
|
# |
|
|
|
# root /home/ikea_foundation/week_2024/public; |
|
|
|
# |
|
|
|
# # App server |
|
|
|
# location @puma_ikea { |
|
|
|
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
|
|
|
# proxy_set_header Host $http_host; |
|
|
|
# proxy_set_header X-Forwarded_Proto $scheme; |
|
|
|
# proxy_redirect off; |
|
|
|
# |
|
|
|
# proxy_pass http://puma_ikea; |
|
|
|
# } |
|
|
|
# |
|
|
|
# # Serve static (compiled) assets directly if they exist (for rails production) |
|
|
|
# location ~ ^/(assets|packs|static)/ { |
|
|
|
# try_files $uri @puma_ikea; |
|
|
|
# |
|
|
|
# access_log off; |
|
|
|
# gzip_static on; |
|
|
|
# |
|
|
|
# expires max; |
|
|
|
# add_header Cache-Control public; |
|
|
|
# |
|
|
|
# # Some browsers still send conditional-GET requests if there's a |
|
|
|
# # Last-Modified header or an ETag header even if they haven't |
|
|
|
# # reached the expiry date sent in the Expires header. |
|
|
|
# add_header Last-Modified ""; |
|
|
|
# add_header ETag ""; |
|
|
|
# break; |
|
|
|
# } |
|
|
|
# |
|
|
|
# # location /cable { |
|
|
|
# # proxy_pass http://puma_ikea; |
|
|
|
# # proxy_http_version 1.1; |
|
|
|
# # proxy_set_header Upgrade $http_upgrade; |
|
|
|
# # proxy_set_header Connection 'upgrade'; |
|
|
|
# # } |
|
|
|
# |
|
|
|
# # Send non-static file requests to the app server |
|
|
|
# location / { |
|
|
|
# try_files $uri @puma_ikea; |
|
|
|
# } |
|
|
|
# |
|
|
|
# # You can override error pages by redirecting the requests to a file in your |
|
|
|
# # application's public folder, if you so desire: |
|
|
|
# error_page 500 502 503 504 /500.html; |
|
|
|
# location = /500.html { |
|
|
|
# root /home/ikea_foundation/week_2024/public; |
|
|
|
# } |
|
|
|
# } |
|
|
|
# https |
|
|
|
server { |
|
|
|
listen 443 ssl http2; |
|
|
|
server_name ikea-foundation-week-2024.onc.dk; |
|
|
|
|
|
|
|
# keepalive_timeout 300; |
|
|
|
keepalive_timeout 5; |
|
|
|
client_max_body_size 4G; |
|
|
|
|
|
|
|
ssl_certificate /etc/letsencrypt/live/ikea-foundation-week-2024.onc.dk/fullchain.pem; # managed by Certbot |
|
|
|
ssl_certificate_key /etc/letsencrypt/live/ikea-foundation-week-2024.onc.dk/privkey.pem; # managed by Certbot |
|
|
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot |
|
|
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot |
|
|
|
|
|
|
|
access_log /home/ikea_foundation/week_2024/log/httpd-access.log; |
|
|
|
error_log /home/ikea_foundation/week_2024/log/httpd-errors.log; |
|
|
|
|
|
|
|
root /home/ikea_foundation/week_2024/public; |
|
|
|
|
|
|
|
# App server |
|
|
|
location @puma_ikea { |
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
|
|
|
proxy_set_header Host $http_host; |
|
|
|
proxy_set_header X-Forwarded_Proto $scheme; |
|
|
|
proxy_redirect off; |
|
|
|
|
|
|
|
proxy_pass http://puma_ikea; |
|
|
|
} |
|
|
|
|
|
|
|
# Serve static (compiled) assets directly if they exist (for rails production) |
|
|
|
location ~ ^/(assets|packs|static)/ { |
|
|
|
try_files $uri @puma_ikea; |
|
|
|
|
|
|
|
access_log off; |
|
|
|
gzip_static on; |
|
|
|
|
|
|
|
expires max; |
|
|
|
add_header Cache-Control public; |
|
|
|
|
|
|
|
# Some browsers still send conditional-GET requests if there's a |
|
|
|
# Last-Modified header or an ETag header even if they haven't |
|
|
|
# reached the expiry date sent in the Expires header. |
|
|
|
add_header Last-Modified ""; |
|
|
|
add_header ETag ""; |
|
|
|
break; |
|
|
|
} |
|
|
|
|
|
|
|
# location /cable { |
|
|
|
# proxy_pass http://puma_ikea; |
|
|
|
# proxy_http_version 1.1; |
|
|
|
# proxy_set_header Upgrade $http_upgrade; |
|
|
|
# proxy_set_header Connection 'upgrade'; |
|
|
|
# } |
|
|
|
|
|
|
|
# Send non-static file requests to the app server |
|
|
|
location / { |
|
|
|
try_files $uri @puma_ikea; |
|
|
|
} |
|
|
|
|
|
|
|
# You can override error pages by redirecting the requests to a file in your |
|
|
|
# application's public folder, if you so desire: |
|
|
|
error_page 500 502 503 504 /500.html; |
|
|
|
location = /500.html { |
|
|
|
root /home/ikea_foundation/week_2024/public; |
|
|
|
} |
|
|
|
} |
