Working nginx config

2021-08-26 12:07:37 +02:00 · 2021-08-26 12:07:37 +02:00 · 42c6e8d553
parent f71e43949a
commit 42c6e8d553
3 changed files with 142 additions and 121 deletions
--- a/abra.sh
+++ b/abra.sh
@ -1,4 +1,4 @@
-export NGINX_CONF_VERSION="v1"
+export NGINX_CONF_VERSION="v2"

 NC_APP_DIR="app:/var/www/html"

--- a/compose.yml
+++ b/compose.yml
@ -109,13 +109,13 @@ services:
  #   entrypoint: /cron.sh
  #   deploy:
  #     labels: ['coop-cloud.${STACK_NAME}.cron.version=22.1.0-89d9ab98']
-  # cache:
-  #   image: redis:6.2.5-alpine
-  #   networks:
-  #     - internal
-  #   deploy:
-  #     labels:
-  #       - coop-cloud.${STACK_NAME}.cache.version=6.2.5-alpine-b658aeb0
+  cache:
+    image: redis:6.2.5-alpine
+    networks:
+      - internal
+    deploy:
+      labels:
+        - coop-cloud.${STACK_NAME}.cache.version=6.2.5-alpine-b658aeb0

 secrets:
  db_root_password:
--- a/nginx.conf.tmpl
+++ b/nginx.conf.tmpl
@ -1,24 +1,45 @@
-events {
-  worker_connections 768;
-}
+worker_processes auto;

 error_log  /var/log/nginx/error.log warn;
+pid        /var/run/nginx.pid;
+
+
+events {
+    worker_connections  1024;
+}
+

 http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

-	upstream backend {
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  65;
+
+    #gzip  on;
+
+    upstream php-handler {
        server {{ env "STACK_NAME" }}_app:9000;
    }

    server {
-			listen 80 http2;
-			listen [::]:80 http2;
-			server_name {{ env "DOMAIN" }};
+        listen 80;
+
+        # HSTS settings
+        # WARNING: Only add the preload option once you read about
+        # the consequences in https://hstspreload.org/. This option
+        # will add the domain to a hardcoded list that is shipped
+        # in all major browsers and getting removed from this list
+        # could take several months.
+        #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;

        # set max upload size
        client_max_body_size 512M;
@ -112,17 +133,17 @@ http {
            include fastcgi_params;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param PATH_INFO $path_info;
-					fastcgi_param HTTPS on;
+            #fastcgi_param HTTPS on;

            fastcgi_param modHeadersAvailable true;         # Avoid sending the security headers twice
            fastcgi_param front_controller_active true;     # Enable pretty urls
-					fastcgi_pass backend;
+            fastcgi_pass php-handler;

            fastcgi_intercept_errors on;
            fastcgi_request_buffering off;
        }

-			location ~ \.(?:css|js|svg|gif|png|jpg|ico)$ {
+        location ~ \.(?:css|js|svg|gif)$ {
            try_files $uri /index.php$request_uri;
            expires 6M;         # Cache-Control policy borrowed from `.htaccess`
            access_log off;     # Optional: Don't log access to assets