2012-10-22 23:53:35 +02:00
|
|
|
server {
|
|
|
|
|
listen 80;
|
2012-10-27 17:22:13 +02:00
|
|
|
server_name humbughq.com;
|
2012-10-22 23:53:35 +02:00
|
|
|
return 301 https://$server_name$request_uri;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
server {
|
|
|
|
|
listen 443;
|
|
|
|
|
|
|
|
|
|
ssl on;
|
|
|
|
|
ssl_certificate /etc/ssl/certs/app.humbughq.com.combined-chain.crt;
|
|
|
|
|
ssl_certificate_key /etc/ssl/private/app.humbughq.com.key;
|
|
|
|
|
|
2012-10-27 17:22:13 +02:00
|
|
|
server_name humbughq.com;
|
2012-10-22 23:53:35 +02:00
|
|
|
access_log /var/log/nginx/humbug.access.log;
|
|
|
|
|
error_log /var/log/nginx/humbug.error.log;
|
|
|
|
|
|
|
|
|
|
# Enable HSTS: tell browsers to always use HTTPS
|
|
|
|
|
add_header Strict-Transport-Security max-age=15768000;
|
|
|
|
|
|
|
|
|
|
# Avoid clickjacking attacks
|
|
|
|
|
add_header X-Frame-Options DENY;
|
|
|
|
|
|
|
|
|
|
# Serve a custom error page when the app is down
|
|
|
|
|
error_page 502 503 504 /static/public/html/5xx.html;
|
|
|
|
|
|
|
|
|
|
# Serve static files directly
|
|
|
|
|
location /static/ {
|
|
|
|
|
alias /home/humbug/humbug/zephyr/static-access-control/;
|
|
|
|
|
expires 30d;
|
2012-10-30 15:54:58 +01:00
|
|
|
error_page 404 /static/public/html/404.html;
|
2012-10-22 23:53:35 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# Send longpoll requests to Tornado
|
|
|
|
|
location ~ /json/get_updates|/api/v1/get_messages {
|
|
|
|
|
proxy_pass http://localhost:9993;
|
|
|
|
|
proxy_redirect off;
|
|
|
|
|
|
|
|
|
|
# Needed for longpolling
|
|
|
|
|
proxy_buffering off;
|
|
|
|
|
proxy_read_timeout 1200;
|
|
|
|
|
|
|
|
|
|
proxy_set_header Host $host;
|
|
|
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
|
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# Send everything else to Django via FastCGI
|
|
|
|
|
location / {
|
|
|
|
|
include fastcgi_params;
|
|
|
|
|
fastcgi_pass unix:/home/humbug/humbug/fastcgi-socket;
|
|
|
|
|
fastcgi_split_path_info ^()(.*)$;
|
|
|
|
|
}
|
|
|
|
|
}
|
