mirror of
git://git.savannah.gnu.org/guix/maintenance.git
synced 2023-12-14 03:33:04 +01:00
48192886c5
* hydra/nginx/bayfront.conf: Drop narinfo from proxy_cache_path. * hydra/nginx/bayfront-locations.conf: Remove all proxy_cache* variables for narinfo.
126 lines
3.6 KiB
Text
126 lines
3.6 KiB
Text
# Configuration of the various HTTP locations.
|
|
# This file is meant to be included in the bayfront configuration file.
|
|
|
|
location / {
|
|
proxy_pass http://localhost:8081;
|
|
}
|
|
|
|
location ~ ^/admin {
|
|
if ($ssl_client_verify != SUCCESS) {
|
|
return 403;
|
|
}
|
|
proxy_pass http://localhost:8081;
|
|
}
|
|
|
|
location = /nix-cache-info {
|
|
proxy_pass http://localhost:3000/nix-cache-info;
|
|
|
|
# Cache this file since that's always the first thing we ask for.
|
|
proxy_cache static;
|
|
proxy_cache_valid 200 100d; # cache hits for a looong time.
|
|
proxy_cache_valid any 5m; # cache misses/others for 5 min.
|
|
proxy_ignore_client_abort on;
|
|
|
|
# We need to hide and ignore the Set-Cookie header
|
|
# to enable caching.
|
|
proxy_hide_header Set-Cookie;
|
|
proxy_ignore_headers Set-Cookie;
|
|
}
|
|
|
|
location /nar/ {
|
|
proxy_pass http://localhost:3000;
|
|
|
|
client_body_buffer_size 256k;
|
|
|
|
# Be more tolerant of delays when fetching a nar.
|
|
proxy_read_timeout 60s;
|
|
proxy_send_timeout 60s;
|
|
|
|
# Enable caching for nar files, to avoid reconstructing and recompressing
|
|
# archives.
|
|
proxy_cache nar;
|
|
proxy_cache_valid 200 30d; # cache hits for 1 month
|
|
proxy_cache_valid 504 3m; # timeout, when hydra.gnu.org is overloaded
|
|
proxy_cache_valid any 1h; # cache misses/others for 1h.
|
|
|
|
proxy_ignore_client_abort on;
|
|
|
|
# Nars are already compressed.
|
|
gzip off;
|
|
|
|
# We need to hide and ignore the Set-Cookie header
|
|
# to enable caching.
|
|
proxy_hide_header Set-Cookie;
|
|
proxy_ignore_headers Set-Cookie;
|
|
|
|
# Provide a 'content-length' header so that 'guix substitute-binary'
|
|
# knows upfront how much it is downloading.
|
|
#add_header Content-Length $body_bytes_sent;
|
|
}
|
|
|
|
location ~ \.narinfo$ {
|
|
# Since 'guix publish' has its own caching, and since it relies
|
|
# on the atime of cached narinfos to determine whether a
|
|
# narinfo can be removed from the cache, don't do any caching
|
|
# here.
|
|
|
|
proxy_pass http://localhost:3000;
|
|
|
|
# For HTTP pipelining. This has a dramatic impact on performance.
|
|
client_body_buffer_size 128k;
|
|
|
|
# Narinfos requests are short, serve many of them on a connection.
|
|
keepalive_requests 600;
|
|
|
|
# Do not tolerate slowness of hydra.gnu.org when fetching
|
|
# narinfos: better return 504 quickly than wait forever.
|
|
proxy_connect_timeout 2s;
|
|
proxy_read_timeout 2s;
|
|
proxy_send_timeout 2s;
|
|
|
|
# 'guix publish --ttl' produces a 'Cache-Control' header for use
|
|
# by 'guix substitute'. Let it through rather than use nginx's
|
|
# "expire" directive since the expiration time defined by 'guix
|
|
# publish' is the right one.
|
|
proxy_pass_header Cache-Control;
|
|
|
|
proxy_ignore_client_abort on;
|
|
|
|
# We need to hide and ignore the Set-Cookie header
|
|
# to enable caching.
|
|
proxy_hide_header Set-Cookie;
|
|
proxy_ignore_headers Set-Cookie;
|
|
}
|
|
|
|
location /log/ {
|
|
proxy_pass http://localhost:3000;
|
|
|
|
# Enable caching for build logs.
|
|
proxy_cache logs;
|
|
proxy_cache_valid 200 60d; # cache hits.
|
|
proxy_cache_valid 504 3m; # timeout, when hydra.gnu.org is overloaded
|
|
proxy_cache_valid any 1h; # cache misses/others.
|
|
|
|
proxy_ignore_client_abort on;
|
|
|
|
# We need to hide and ignore the Set-Cookie header
|
|
# to enable caching.
|
|
proxy_hide_header Set-Cookie;
|
|
proxy_ignore_headers Set-Cookie;
|
|
}
|
|
|
|
# Content-addressed files served by 'guix publish'.
|
|
location /file/ {
|
|
proxy_pass http://localhost:3000;
|
|
|
|
proxy_cache cas;
|
|
proxy_cache_valid 200 200d; # cache hits
|
|
proxy_cache_valid any 5m; # cache misses/others
|
|
|
|
proxy_ignore_client_abort on;
|
|
}
|
|
|
|
# For use by Certbot.
|
|
location /.well-known {
|
|
root /var/www;
|
|
}
|