guix/maintenance
2
0
Fork 0
mirror of git://git.savannah.gnu.org/guix/maintenance.git synced 2023-12-14 03:33:04 +01:00
Code Issues Releases Wiki Activity
maintenance/hydra/nginx/hydra.gnu.org-locations.conf
Ludovic Courtès 8859af255f
hydra: nginx: Remove texlive-texmf ban. 
Fixes <https://bugs.gnu.org/30157>.
Reported by Mathieu Lirzin <mthl@gnu.org>.

* hydra/nginx/hydra.gnu.org-locations.conf: Remove ban for
texlive-texmf.  Our 'texlive-texmf' packaged is already
non-substitutable, and thus not built on hydra, so this rule was only
filtering the 2.2G texlive-texmf*.tar.xz, causing bad UX.
2018-01-19 10:58:59 +01:00

123 lines
4.3 KiB
Plaintext
Raw Blame History

# Configuration of the various locations at hydra.gnu.org.
# This file is meant to be included in the main configuration file.
location / {
proxy_pass http://127.0.0.1:3000;
}
location /api {
# For the sake of the JS code at http://gnu.org/s/guix/packages.
add_header 'Access-Control-Allow-Origin' '$scheme://www.gnu.org';
proxy_pass http://127.0.0.1:3000;
}
# Longer timeouts to allow practical https access to Hydra's admin interface.
location /eval { proxy_pass http://127.0.0.1:3000; proxy_read_timeout 600s; }
location /evals { proxy_pass http://127.0.0.1:3000; proxy_read_timeout 360s; }
location /jobset { proxy_pass http://127.0.0.1:3000; proxy_read_timeout 240s; }
location /build { proxy_pass http://127.0.0.1:3000; proxy_read_timeout 120s; }
location /status { proxy_pass http://127.0.0.1:3000; proxy_read_timeout 30s; }
location /guix/nar/ {
# Served by:
# guix publish -p 9999 --listen=127.0.0.1 -u nobody -C8 --cache=/var/cache/guix/publish --ttl=14d --workers=2 --nar-path=guix/nar --public-key=/home/hydra/narinfo-key.pub --private-key=/home/hydra/narinfo-key.sec
proxy_pass http://127.0.0.1:9999;
client_body_buffer_size 256k;
# Enable caching for nar files, to avoid reconstructing and recompressing
# archives.
proxy_cache nar;
proxy_cache_valid 200 15d; # cache hits for 15 days.
proxy_cache_valid 504 3m; # timeout, when the machine is overloaded
proxy_cache_valid any 1m; # cache misses/others for 1 min.
proxy_ignore_client_abort on;
# Be more tolerant of delays when fetching a nar. Using a shorter
# timeout leads to users retrying, which in turn triggers another
# export-and-compress process, which quickly brings the machine
# down.
proxy_read_timeout 60s;
proxy_send_timeout 60s;
# Nars are already compressed.
gzip off;
}
location ~ ^/nar/(.*)$ {
# This used to be the URL for the Hydra-served nars. Now this is
# simply a redirect to the 'guix publish' URLs above.
return 301 /guix/nar/$1;
}
location ~ /(nix-cache-info|static|logo|favicon\.ico) {
proxy_pass http://127.0.0.1:3000;
# Cache this file since that's always the first thing we ask for.
proxy_cache static;
proxy_cache_valid 200 10d; # cache hits for a looong time.
proxy_cache_valid any 5m; # cache misses/others for 5 min.
proxy_ignore_client_abort on;
# We need to hide and ignore the Set-Cookie header
# to enable caching.
proxy_hide_header Set-Cookie;
proxy_ignore_headers Set-Cookie;
# Tell browsers to cache these things.
expires 10d;
}
location ~ \.narinfo$ {
# Narinfos served by 'guix publish' (see above). If we change the
# port to 3000, then they are served by Hydra.
#
# Since 'guix publish' has its own caching, and since it relies on
# the atime of cached narinfos to determine whether a narinfo can
# be removed from the cache, don't do any caching here. (Hydra
# computed narinfos on the fly so it definitely needed caching.)
proxy_pass http://127.0.0.1:9999;
# For HTTP pipelining. This has a dramatic impact on performance.
client_body_buffer_size 128k;
# Narinfos requests are short, serve many of them on a connection.
keepalive_requests 600;
# Do not tolerate slowness of hydra.gnu.org when fetching
# narinfos: better return 504 quickly than wait forever. However,
# since hydra.gnu.org is often overloaded, keep the timeouts not
# too small.
proxy_connect_timeout 4s;
proxy_read_timeout 6s;
proxy_send_timeout 6s;
# 'guix publish --ttl' produces a 'Cache-Control' header for use
# by 'guix substitute'. Let it through rather than use nginx's
# "expire" directive since the expiration time defined by 'guix
# publish' is the right one.
proxy_pass_header Cache-Control;
proxy_ignore_client_abort on;
# We need to hide and ignore the Set-Cookie header
# to enable caching.
proxy_hide_header Set-Cookie;
proxy_ignore_headers Set-Cookie;
}
# Content-addressed files served by 'guix publish'. No need to cache
# it because it is served right from the store without any additional
# processing (see above for the full 'guix publish' command).
location /file/ {
proxy_pass http://127.0.0.1:9999;
proxy_connect_timeout 3s;
}
# For use by Certbot.
location /.well-known {
root /var/www;
}
View git blame Copy permalink