peertube.social/templates/nginx.conf

events {
    worker_connections 1024;
}

http {
    proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=peertube_cache:10m max_size=15g use_temp_path=off;

    server {
        listen 9000;

        # Hide nginx version
        server_tokens off;

        # Enable compression for JS/CSS/HTML bundle, for improved client load times.
        # It might be nice to compress JSON, but leaving that out to protect against potential
        # compression+encryption information leak attacks like BREACH.
        gzip on;
        gzip_types text/css application/javascript;
        gzip_vary on;

        # Enable HSTS
        # Tells browsers to stick with HTTPS and never visit the insecure HTTP
        # version. Once a browser sees this header, it will only visit the site over
        # HTTPS for the next 2 years: (read more on hstspreload.org)
        add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

        add_header Referrer-Policy "same-origin";

        location / {
            proxy_pass              http://peertube:9000;
            proxy_set_header        X-Real-IP $remote_addr;
            proxy_set_header        Host $host;
            proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
            client_max_body_size    600M;
            proxy_connect_timeout   600;
            proxy_send_timeout      600;
            proxy_read_timeout      600;
            send_timeout            600;
        }
        location ~ ^/(static/(thumbnails|previews|avatars)|client)/ {
            proxy_pass              http://peertube:9000;
            proxy_cache             peertube_cache;
            proxy_cache_use_stale   error timeout http_500 http_502 http_503 http_504;
            proxy_cache_revalidate  on;
            proxy_cache_min_uses    3;
            proxy_cache_lock        on;
            add_header              X-Cached $upstream_cache_status;
        }
        location ~ ^/static/(webseed|redundancy)/ {
            slice                   1m;
            proxy_cache             peertube_cache;
            proxy_cache_valid       206 1h;
            proxy_cache_key         $uri$is_args$args$slice_range;
            proxy_set_header        Range $slice_range;
            # for debugging
            #add_header              X-Cache-Status $upstream_cache_status;
            proxy_http_version      1.1;
            # required workaround for https://github.com/Chocobozzz/PeerTube/issues/1777
            proxy_ignore_headers    Cache-Control;
            proxy_pass              http://peertube:9000;
        }
    }
}
Add nginx as cache for images and other small, static files 2019-03-20 19:34:40 -04:00			`events {`
			`worker_connections 1024;`
			`}`

			`http {`
Enable caching for videos 2019-04-18 20:57:19 -04:00			`proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=peertube_cache:10m max_size=15g use_temp_path=off;`
Add nginx as cache for images and other small, static files 2019-03-20 19:34:40 -04:00
			`server {`
			`listen 9000;`

			`# Hide nginx version`
			`server_tokens off;`

			`# Enable compression for JS/CSS/HTML bundle, for improved client load times.`
			`# It might be nice to compress JSON, but leaving that out to protect against potential`
			`# compression+encryption information leak attacks like BREACH.`
			`gzip on;`
			`gzip_types text/css application/javascript;`
			`gzip_vary on;`

			`# Enable HSTS`
			`# Tells browsers to stick with HTTPS and never visit the insecure HTTP`
			`# version. Once a browser sees this header, it will only visit the site over`
			`# HTTPS for the next 2 years: (read more on hstspreload.org)`
			`add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";`

Add referrer policy header 2019-04-18 08:45:58 -04:00			`add_header Referrer-Policy "same-origin";`

Add nginx as cache for images and other small, static files 2019-03-20 19:34:40 -04:00			`location / {`
Convert project to ansible 2019-04-10 15:43:16 -04:00			`proxy_pass http://peertube:9000;`
Add proxy_pass back, which is required 2019-03-27 20:29:47 -04:00			`proxy_set_header X-Real-IP $remote_addr;`
			`proxy_set_header Host $host;`
			`proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`
			`client_max_body_size 600M;`
			`proxy_connect_timeout 600;`
			`proxy_send_timeout 600;`
			`proxy_read_timeout 600;`
			`send_timeout 600;`
Add nginx as cache for images and other small, static files 2019-03-20 19:34:40 -04:00			`}`
			`location ~ ^/(static/(thumbnails\|previews\|avatars)\|client)/ {`
Add proxy_pass back, which is required 2019-03-27 20:29:47 -04:00			`proxy_pass http://peertube:9000;`
Add nginx as cache for images and other small, static files 2019-03-20 19:34:40 -04:00			`proxy_cache peertube_cache;`
			`proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;`
			`proxy_cache_revalidate on;`
			`proxy_cache_min_uses 3;`
			`proxy_cache_lock on;`
			`add_header X-Cached $upstream_cache_status;`
			`}`
Enable caching for videos 2019-04-18 20:57:19 -04:00			`location ~ ^/static/(webseed\|redundancy)/ {`
			`slice 1m;`
			`proxy_cache peertube_cache;`
			`proxy_cache_valid 206 1h;`
			`proxy_cache_key $uri$is_args$args$slice_range;`
			`proxy_set_header Range $slice_range;`
			`# for debugging`
			`#add_header X-Cache-Status $upstream_cache_status;`
			`proxy_http_version 1.1;`
			`# required workaround for https://github.com/Chocobozzz/PeerTube/issues/1777`
			`proxy_ignore_headers Cache-Control;`
			`proxy_pass http://peertube:9000;`
			`}`
Add nginx as cache for images and other small, static files 2019-03-20 19:34:40 -04:00			`}`
			`}`