bookwyrm: update nginx to use latest pullrequest and map /flower

single-dockerfile
Trammell Hudson 2 years ago
parent 62fae7e763
commit 43a824dee2
  1. 4
      bookwyrm.yaml
  2. 70
      bookwyrm/nginx.conf

@ -107,10 +107,8 @@ services:
bookwyrm-flower: bookwyrm-flower:
container_name: bookwyrm-flower container_name: bookwyrm-flower
image: osresearch/bookwyrm:oidc image: osresearch/bookwyrm:oidc
command: celery -A celerywyrm flower --basic_auth=admin:${BOOKWYRM_ADMIN_PASSWORD} command: celery -A celerywyrm flower --basic_auth=admin:${BOOKWYRM_ADMIN_PASSWORD} --url_prefix=flower
env_file: bookwyrm/env env_file: bookwyrm/env
# ports:
# - ${FLOWER_PORT}:${FLOWER_PORT}
volumes: volumes:
- ./data/bookwyrm/static_volume:/app/static - ./data/bookwyrm/static_volume:/app/static
- ./data/bookwyrm/media_volume:/app/images - ./data/bookwyrm/media_volume:/app/images

@ -20,50 +20,58 @@ server {
client_body_buffer_size 10M; client_body_buffer_size 10M;
client_max_body_size 10M; client_max_body_size 10M;
location ~ ^/(login[^-/]|password-reset|resend-link|2fa-check) { # store responses to anonymous users for up to 1 minute
limit_req zone=loginlimit;
proxy_pass http://bookwyrm-web:8000;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
}
location ~ ^/(api|oidc|preferences) {
proxy_pass http://bookwyrm-web:8000;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_redirect off;
access_log off;
}
location / {
proxy_cache mycache; proxy_cache mycache;
proxy_cache_valid any 1m;
add_header X-Cache-Status $upstream_cache_status; add_header X-Cache-Status $upstream_cache_status;
# ignore the set cookie header when deciding to
# store a response in the cache
proxy_ignore_headers Cache-Control Set-Cookie Expires; proxy_ignore_headers Cache-Control Set-Cookie Expires;
#proxy_ignore_headers Cache-Control;
# logged in sessions and PUT bypass the cache # PUT requests always bypass the cache
# logged in sessions also do not populate the cache
# to avoid serving personal data to anonymous users
proxy_cache_methods GET HEAD; proxy_cache_methods GET HEAD;
proxy_no_cache $cookie_session; proxy_no_cache $cookie_sessionid;
proxy_cache_bypass $cookie_session; proxy_cache_bypass $cookie_sessionid;
proxy_cache_valid any 1m;
proxy_pass http://bookwyrm-web:8000; # tell the web container the address of the outside client
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_redirect off; proxy_redirect off;
# rate limit the login or password reset pages
location ~ ^/(login[^-/]|password-reset|resend-link|2fa-check) {
limit_req zone=loginlimit;
proxy_pass http://bookwyrm-web:8000;
} }
location /images/ { # do not log periodic polling requests from logged in users
alias /bookwyrm/app/images/; location /api/updates/ {
#access_log off; access_log off;
proxy_pass http://bookwyrm-web:8000;
}
# monitor the celery queues with flower, no caching enabled
location /flower/ {
proxy_pass http://bookwyrm-flower:8888;
proxy_cache_bypass 1;
}
# forward any cache misses or bypass to the web container
location / {
proxy_pass http://bookwyrm-web:8000;
} }
location /static/ { # directly serve images and static files from the
alias /bookwyrm/app/static/; # bookwyrm filesystem using sendfile.
#access_log off; # make the logs quieter by not reporting these requests
location ~ ^/(images|static)/ {
root /bookwyrm/app;
try_files $uri =404;
add_header X-Cache-Status STATIC;
access_log off;
} }
include /etc/nginx/includes/ssl.conf; include /etc/nginx/includes/ssl.conf;

Loading…
Cancel
Save