54 lines
1.5 KiB
Plaintext
54 lines
1.5 KiB
Plaintext
upstream mastodon_app {
|
|
<% @upstream_hosts.each do |host| %>
|
|
server <%= host %>:<%= @app_port %>;
|
|
<% end %>
|
|
}
|
|
|
|
upstream mastodon_streaming {
|
|
<% @upstream_hosts.each do |host| %>
|
|
server <%= host %>:<%= @streaming_port %>;
|
|
<% end %>
|
|
}
|
|
|
|
map $http_upgrade $connection_upgrade {
|
|
default upgrade;
|
|
'' close;
|
|
}
|
|
|
|
proxy_cache_path /var/cache/nginx/mastodon levels=1:2
|
|
keys_zone=mastodon_cache:10m
|
|
max_size=1g inactive=120m use_temp_path=off;
|
|
|
|
server {
|
|
listen <%= "#{node['openresty']['listen_ip']}:" if node['openresty']['listen_ip'] %>443 ssl http2;
|
|
listen [::]:443 ssl http2;
|
|
server_name <%= @server_name %>;
|
|
include <%= @shared_config_path %>;
|
|
|
|
ssl_certificate <%= @ssl_cert %>;
|
|
ssl_certificate_key <%= @ssl_key %>;
|
|
|
|
add_header Strict-Transport-Security "max-age=31536000";
|
|
<% if @onion_address %>
|
|
add_header Onion-Location https://mastodon.<%= @onion_address %>$request_uri;
|
|
<% end %>
|
|
}
|
|
|
|
<% if @onion_address %>
|
|
server {
|
|
listen <%= "#{node['openresty']['listen_ip']}:" if node['openresty']['listen_ip'] %>80;
|
|
server_name mastodon.<%= @onion_address %>;
|
|
include <%= @shared_config_path %>;
|
|
}
|
|
server {
|
|
listen <%= "#{node['openresty']['listen_ip']}:" if node['openresty']['listen_ip'] %>443 ssl http2;
|
|
server_name mastodon.<%= @onion_address %>;
|
|
include <%= @shared_config_path %>;
|
|
|
|
ssl_certificate <%= @ssl_cert %>;
|
|
ssl_certificate_key <%= @ssl_key %>;
|
|
|
|
add_header Strict-Transport-Security "max-age=31536000";
|
|
}
|
|
<% end %>
|