LoweBowe
/
CinemaPress
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
CinemaPress/config/default/nginx/conf.d/nginx.conf

188 lines
6.4 KiB
Nginx Configuration File
Raw Blame History

upstream example.com {
server 127.0.0.1:3000 max_fails=0 fail_timeout=30s;
keepalive 8;
}
server {
listen 80;
listen [::]:80;
#ssl listen 443 ssl;
#ssl listen [::]:443 ssl;
#ssl ssl_certificate /home/example.com/config/production/nginx/ssl.d/live/example.com/fullchain.pem;
#ssl ssl_certificate_key /home/example.com/config/production/nginx/ssl.d/live/example.com/privkey.pem;
#ssl ssl_dhparam /home/example.com/config/production/nginx/ssl.d/live/example.com/dhparam.pem;
#ssl ssl_session_cache shared:SSL:10m;
#ssl ssl_session_timeout 1d;
#ssl ssl_stapling on;
#ssl ssl_stapling_verify on;
#ssl ssl_prefer_server_ciphers on;
#ssl ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#ssl ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
#ssl resolver 1.1.1.1;
#ssl resolver_timeout 10s;
#ssl add_header X-Content-Type-Options "nosniff";
#ssl add_header Strict-Transport-Security "max-age=31536000";
root /home/example.com;
server_name example.com *.example.com;
access_log /var/log/nginx/access_example.com.log;
include /etc/nginx/bots.d/ddos.conf;
include /etc/nginx/bots.d/blockbots.conf;
keepalive_timeout 10;
client_max_body_size 64m;
if ( $request_method !~ ^(GET|POST)$ ) {
return 444;
}
if ( $request_uri ~ "/index.html" ) {
rewrite ^(.*)/ $1/ permanent;
}
location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" {add_header "" "";}
location ~ "^/pagespeed_static/" { }
location ~ "^/ngx_pagespeed_beacon$" { }
location ~* ^/(files|themes/.*/public|favicon.*|android-chrome.*|apple-touch-icon\.png|mstile-150x150\.png|browserconfig\.xml|safari-pinned-tab\.svg|site\.webmanifest) {
expires 30d;
access_log off;
autoindex off;
add_header Cache-Control "public, no-transform";
proxy_cache_valid 404 500 502 503 504 1m;
proxy_cache_valid any 30d;
proxy_max_temp_file_size 0;
}
location ~* ^/images/ {
rewrite "^\/images\/(poster|picture)\/(medium|small)\/.*img([0-9]+).*\.jpg$" "/$1/$2/$3.jpg" break;
root /var/local/images;
expires 30d;
access_log off;
autoindex off;
add_header Cache-Control "public, no-transform";
proxy_cache_valid 404 500 502 503 504 1m;
proxy_cache_valid any 30d;
try_files $uri /poster/no-poster.jpg /poster/small/629951.jpg =404;
}
location ~* ^/balancer/ {
rewrite "^\/balancer\/([0-9]+)\.mp4" "/$1.mp4" break;
root /var/local/balancer;
expires 30d;
access_log off;
autoindex off;
add_header Cache-Control "public, no-transform";
proxy_cache_valid 404 500 502 503 504 1m;
proxy_cache_valid any 30d;
limit_rate_after 1m;
limit_rate 150k;
try_files $uri /bbb.mp4 =404;
}
location ~* ^/(doc|Dockerfile|config|modules|lib|routes|core|app\.js|package\.json|package-lock\.json|process\.json|restart\.server|LICENSE\.txt|README\.md|.*\.sh|.*\.conf|.*\.jade|.*\.ejs)($|\/) {
return 404;
}
location / {
if ($host ~* "^(m\.example.com)$") {
rewrite ^(.*)$ /mobile-version$1 break;
}
if ($host ~* "^(tv\.example.com)$") {
rewrite ^(.*)$ /tv-version$1 break;
}
#if ($http_cookie ~* ".+" ) {
# set $do_not_cache 1;
#}
expires 1h;
limit_req zone=cinemapress burst=50;
proxy_max_temp_file_size 0;
proxy_next_upstream error timeout http_500 http_502 http_503 http_504;
proxy_set_header Connection "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_pass http://example.com;
}
location ~* ^/(episode\.json|iframe\.player|rss\.xml) {
if ($host ~* "^(m\.example.com)$") {
rewrite ^(.*)$ /mobile-version$1 break;
}
if ($host ~* "^(tv\.example.com)$") {
rewrite ^(.*)$ /tv-version$1 break;
}
#if ($http_cookie ~* ".+" ) {
# set $do_not_cache 1;
#}
access_log off;
autoindex off;
expires 1h;
limit_req zone=cinemapress burst=50;
proxy_max_temp_file_size 0;
proxy_next_upstream error timeout http_500 http_502 http_503 http_504;
proxy_set_header Connection "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_pass http://example.com;
}
location ~* ^/admin {
auth_basic "Login Admin page!";
auth_basic_user_file /home/example.com/config/production/nginx/pass.d/example.com.pass;
proxy_max_temp_file_size 0;
proxy_next_upstream error timeout http_500 http_502 http_503 http_504;
proxy_set_header Connection "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_pass http://example.com;
}
error_page 500 502 503 504 520 /50x.html;
location = /50x.html {
root /etc/nginx/html;
access_log off;
autoindex off;
internal;
}
error_page 404 /404.html;
location = /404.html {
root /etc/nginx/html;
access_log off;
autoindex off;
internal;
}
error_page 403 /403.html;
location = /403.html {
root /etc/nginx/html;
access_log off;
autoindex off;
internal;
}
error_page 401 /401.html;
location = /401.html {
root /etc/nginx/html;
access_log off;
autoindex off;
internal;
}
}
Reference in New Issue View Git Blame Copy Permalink