pitchum/debianize-mobilizon
pitchum/debianize-mobilizon
1
0
Fork 0
Code Issues Pull Requests Projects Releases 2 Wiki Activity

Provide nginx example config file

Browse Source
This commit is contained in:
pitchum 2024-03-10 08:06:10 +00:00
parent e66f001099
commit fcb500fa17
2 changed files with 79 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
debian/examples/nginx.conf vendored Normal file
View File

@ -0,0 +1,78 @@
# Example nginx site config for Mobilizon on Debian
#
# Simple installation instructions:
# 1. Install your TLS certificate, possibly using Let's Encrypt.
# 2. Replace 'example.tld' with your instance's domain wherever it appears.
# 3. Copy this file to /etc/nginx/sites-available/ and then add a symlink to it
# in /etc/nginx/sites-enabled/ and run 'nginx -s reload' or restart nginx.
server {
server_name example.tld;
listen 80 default_server;
listen [::]:80 default_server;
# Remove once HTTPS is setup
location ^~ '/.well-known/acme-challenge' {
root /var/www/certbot;
default_type "text/plain";
}
# Uncomment once HTTPS is setup
# return 301 https://$server_name$request_uri;
}
server {
server_name example.tld;
listen 443 ssl http2;
listen [::]:443 ssl http2;
include /etc/nginx/snippets/snakeoil.conf;
# Replace the above line with the following once you have your own certificates
# ssl_trusted_certificate /etc/letsencrypt/live/example.tld/fullchain.pem;
# ssl_certificate /etc/letsencrypt/live/example.tld/fullchain.pem;
# ssl_certificate_key /etc/letsencrypt/live/example.tld/privkey.pem;
add_header Strict-Transport-Security "max-age=31536000";
# the nginx default is 1m, not enough for large media uploads
client_max_body_size 16m;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
include proxy_params;
location / {
expires off;
add_header Cache-Control "public, max-age=0, s-maxage=0, must-revalidate" always;
proxy_pass http://127.0.0.1:4000;
}
# Let's Encrypt keeps its files here
location ^~ '/.well-known/acme-challenge' {
root /var/www/certbot;
default_type "text/plain";
}
location ~ ^/(assets|img) {
root /var/lib/mobilizon/priv/static;
access_log off;
add_header Cache-Control "public, max-age=31536000, s-maxage=31536000, immutable";
}
location ~ ^/(media|proxy) {
access_log off;
add_header Cache-Control "public, max-age=31536000, s-maxage=31536000, immutable";
proxy_pass http://127.0.0.1:4000;
}
error_page 500 501 502 503 504 @error;
location @error {
root /var/lib/mobilizon/priv/errors;
try_files /error.html 502;
}
}

1
debian/mobilizon-docs.docs vendored
View File

@ -1,2 +1,3 @@
debian/README.Debian.md debian/README.Debian.md
debian/README.packaging.md debian/README.packaging.md
debian/examples/