squeegily
/
pleroma
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 42 Wiki Activity
Fork of Pleroma with site-specific changes and feature branches https://git.pleroma.social/pleroma/pleroma
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1276 Commits
154 Branches
503MB
Tree: 947431e9aa
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '947431e9aa'
${ noResults }
pleroma/installation/pleroma.nginx

69 lines
2.2KB
Raw Blame History 

  1. # default nginx site config for Pleroma

  2. #

  3. # Simple installation instructions:

  4. # 1. Install your TLS certificate, possibly using Let's Encrypt.

  5. # 2. Replace 'example.tld' with your instance's domain wherever it appears.

  6. # 3. Copy this file to /etc/nginx/sites-available/ and then add a symlink to it

  7. #    in /etc/nginx/sites-enabled/ and restart nginx.

  8. 

  9. proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=10g

  10.                  inactive=720m use_temp_path=off;

  11. 

  12. server {

  13.     listen         80;

  14.     server_name    example.tld;

  15.     return         301 https://$server_name$request_uri;

  16. }

  17. 

  18. server {

  19.     listen 443 ssl http2;

  20.     ssl on;

  21.     ssl_session_timeout 5m;

  22. 

  23.     ssl_certificate           /etc/letsencrypt/live/example.tld/fullchain.pem;

  24.     ssl_certificate_key       /etc/letsencrypt/live/example.tld/privkey.pem;

  25. 

  26.     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

  27.     ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";

  28.     ssl_prefer_server_ciphers on;

  29. 

  30.     server_name example.tld;

  31. 

  32.     gzip_vary on;

  33.     gzip_proxied any;

  34.     gzip_comp_level 6;

  35.     gzip_buffers 16 8k;

  36.     gzip_http_version 1.1;

  37.     gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/activity+json application/atom+xml;

  38. 

  39.     # the nginx default is 1m, not enough for large media uploads

  40.     client_max_body_size 16m;

  41. 

  42.     location / {

  43.         # if you do not want remote frontends to be able to access your Pleroma backend

  44.         # server, remove these lines.

  45.         add_header 'Access-Control-Allow-Origin' '*' always;

  46.         add_header 'Access-Control-Allow-Methods' 'POST, GET, OPTIONS' always;

  47.         add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type' always;

  48.         if ($request_method = OPTIONS) {

  49.             return 204;

  50.         }

  51.         # stop removing lines here.

  52. 

  53.         proxy_http_version 1.1;

  54.         proxy_set_header Upgrade $http_upgrade;

  55.         proxy_set_header Connection "upgrade";

  56.         proxy_set_header Host $http_host;

  57. 

  58.         proxy_pass http://localhost:4000;

  59. 

  60.         client_max_body_size 16m;

  61.     }

  62. 

  63.     location /proxy {

  64.         proxy_cache pleroma_media_cache;

  65.         proxy_cache_lock on;

  66.         proxy_pass http://localhost:4000;

  67.     }

  68. }