Commit b129441428688d6b9fa1484f774616eb8f56a698
1 parent
ba14725aab
Exists in
master
Switched everything back to TCP.
Showing 2 changed files with 3 additions and 3 deletions Inline Diff
flashy.ini
View file @
b129441
| # mysite_uwsgi.ini file | 1 | 1 | # mysite_uwsgi.ini file | |
| [uwsgi] | 2 | 2 | [uwsgi] | |
| 3 | 3 | |||
| # Django-related settings | 4 | 4 | # Django-related settings | |
| # the base directory (full path) | 5 | 5 | # the base directory (full path) | |
| chdir = /srv/flashy-backend/ | 6 | 6 | chdir = /srv/flashy-backend/ | |
| # Django's wsgi file | 7 | 7 | # Django's wsgi file | |
| module = flashy.wsgi | 8 | 8 | module = flashy.wsgi | |
| # the virtualenv (full path) | 9 | 9 | # the virtualenv (full path) | |
| # home = /srv/flashy-backend/venv/ | 10 | 10 | # home = /srv/flashy-backend/venv/ | |
| 11 | 11 | |||
| # process-related settings | 12 | 12 | # process-related settings | |
| # master | 13 | 13 | # master | |
| # master = true | 14 | 14 | # master = true | |
| # maximum number of worker processes | 15 | 15 | # maximum number of worker processes | |
| # processes = 1 | 16 | 16 | # processes = 1 | |
| # the socket (use the full path to be safe | 17 | 17 | # the socket (use the full path to be safe | |
| socket = /tmp/flashy.sock | 18 | 18 | http = :7001 | |
| # ... with appropriate permissions - may be needed | 19 | 19 | # ... with appropriate permissions - may be needed | |
| # chmod-socket = 664 | 20 | 20 | # chmod-socket = 664 | |
| # clear environment on exit | 21 | 21 | # clear environment on exit |
nginxconf/flashy.cards
View file @
b129441
| upstream backend_production { | 1 | 1 | upstream backend_production { | |
| server unix:/tmp/flashy.sock; | 2 | 2 | # server unix:/tmp/flashy.sock; | |
| # server localhost:7001; | 3 | 3 | server localhost:7001; | |
| } | 4 | 4 | } | |
| 5 | 5 | |||
| server { | 6 | 6 | server { | |
| server_name flashy.cards; | 7 | 7 | server_name flashy.cards; | |
| listen 443 ssl; | 8 | 8 | listen 443 ssl; | |
| location / { | 9 | 9 | location / { | |
| root /srv/flashy.cards/; | 10 | 10 | root /srv/flashy.cards/; | |
| } | 11 | 11 | } | |
| 12 | 12 | |||
| location ^~ /static { | 13 | 13 | location ^~ /static { | |
| root /srv/; | 14 | 14 | root /srv/; | |
| access_log off; | 15 | 15 | access_log off; | |
| expires 30d; | 16 | 16 | expires 30d; | |
| } | 17 | 17 | } | |
| 18 | 18 | |||
| location ^~ /app { | 19 | 19 | location ^~ /app { | |
| alias /srv/flashy-frontend; | 20 | 20 | alias /srv/flashy-frontend; | |
| } | 21 | 21 | } | |
| 22 | 22 | |||
| location ~ /(api|admin|api-auth)/ { | 23 | 23 | location ~ /(api|admin|api-auth)/ { | |
| proxy_pass http://backend_production; | 24 | 24 | proxy_pass http://backend_production; | |
| proxy_redirect http://backend_production $scheme://flashy.cards; | 25 | 25 | proxy_redirect http://backend_production $scheme://flashy.cards; | |
| proxy_set_header Host $host; | 26 | 26 | proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | 27 | 27 | proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | 28 | 28 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| } | 29 | 29 | } | |
| 30 | 30 | |||
| location ^~ /jenkins { | 31 | 31 | location ^~ /jenkins { | |
| proxy_pass http://localhost:8080; | 32 | 32 | proxy_pass http://localhost:8080; | |
| proxy_redirect http://localhost:8080 $scheme://flashy.cards; | 33 | 33 | proxy_redirect http://localhost:8080 $scheme://flashy.cards; | |
| proxy_set_header Host $host; | 34 | 34 | proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | 35 | 35 | proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | 36 | 36 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_read_timeout 90; | 37 | 37 | proxy_read_timeout 90; | |
| } | 38 | 38 | } | |
| ssl_certificate /etc/nginx/ssl/bundle.crt; | 39 | 39 | ssl_certificate /etc/nginx/ssl/bundle.crt; | |
| ssl_certificate_key /etc/nginx/ssl/nginx.key; | 40 | 40 | ssl_certificate_key /etc/nginx/ssl/nginx.key; | |
| ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | 41 | 41 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
| ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS; | 42 | 42 | ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS; | |
| ssl_prefer_server_ciphers on; | 43 | 43 | ssl_prefer_server_ciphers on; | |
| keepalive_timeout 70; | 44 | 44 | keepalive_timeout 70; | |
| ssl_session_cache shared:SSL:10m; | 45 | 45 | ssl_session_cache shared:SSL:10m; | |
| ssl_session_timeout 10m; | 46 | 46 | ssl_session_timeout 10m; | |
| add_header Strict-Transport-Security "max-age=259200"; | 47 | 47 | add_header Strict-Transport-Security "max-age=259200"; | |
| } | 48 | 48 | } | |
| 49 | 49 | |||
| server { | 50 | 50 | server { |