forked from uc-cdis/data-portal
-
Notifications
You must be signed in to change notification settings - Fork 2
/
nginx.conf
79 lines (67 loc) · 2.33 KB
/
nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
##
# Note that this file actually winds up at
# /etc/nginx/conf.d/nginx.conf
# , and is loaded by /etc/nginx/nginx.conf in an http{} block
##
##
# Logging Settings
# The http_x_* headers are set by the gen3 reverse proxy:
# kube/services/revproxy/
##
log_format json '{"gen3log": "nginx", '
'"date_access": "$time_iso8601", '
'"user_id": "$http_x_userid", '
'"request_id": "$http_x_reqid", '
'"session_id": "$http_x_sessionid", '
'"visitor_id": "$http_x_visitorid", '
'"network_client_ip": "$http_x_forwarded_for", '
'"network_bytes_write": $body_bytes_sent, '
'"http_response_time": "$request_time", '
'"http_status_code": $status, '
'"http_request": "$request_uri", '
'"http_verb": "$request_method", '
'"http_referer": "$http_referer", '
'"http_useragent": "$http_user_agent", '
'"message": "$request"}';
log_format aws '$http_x_forwarded_for - $http_x_userid [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
access_log /dev/stdout json;
server {
listen 80 default_server;
listen 443 ssl;
ssl_certificate /mnt/ssl/nginx.crt;
ssl_certificate_key /mnt/ssl/nginx.key;
root /data-portal;
index index.html index.htm;
# Enable serving pre-compressed properties
gzip_http_version 1.0;
gzip_proxied any;
gzip_static on;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
gzip_vary on;
# dev.html signals dev mode - for developer testing
rewrite ^/dev.html.+$ /dev.html;
# Block all access to things like .git or .htaccess
location ~ /\. {
deny all;
}
location ~* \.(?:manifest|appcache|html?|xml|json)$ {
expires -1;
# access_log logs/static.log; # I don't usually include a static log
}
location ~* \.(?:css|js)$ {
try_files $uri =404;
expires 1y;
access_log off;
add_header Cache-Control "public";
}
# Any route containing a file extension (e.g. /devicesfile.js)
location ~ ^.+\.[^/]+$ {
try_files $uri =404;
}
# Any route that doesn't have a file extension (e.g. /devices)
location / {
try_files $uri /index.html;
}
}