247361b7dd
* fix: silence nginx healthcheck logs * fix: nginx logs in JSON * fix: typos in nginx conf * refactor: repeat less nginx config * fix: log more req headers from gunicorn * fix: redirect auth->datatracker, not deny * feat: log X-Forwarded-Proto
28 lines
1 KiB
Plaintext
28 lines
1 KiB
Plaintext
server {
|
|
listen 8080 default_server;
|
|
server_name _;
|
|
|
|
# Replace default "main" formatter with the ietfjson formatter from nginx-logging.conf
|
|
access_log /var/log/nginx/access.log ietfjson;
|
|
|
|
location /health/nginx {
|
|
access_log off;
|
|
return 200;
|
|
}
|
|
|
|
location /robots.txt {
|
|
add_header Content-Type text/plain;
|
|
return 200 "User-agent: *\nDisallow: /doc/pdf/\n";
|
|
}
|
|
|
|
location / {
|
|
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' data: https://datatracker.ietf.org/ https://www.ietf.org/ http://ietf.org/ https://analytics.ietf.org https://static.ietf.org; frame-ancestors 'self' ietf.org *.ietf.org meetecho.com *.meetecho.com";
|
|
proxy_set_header Host $${keepempty}host;
|
|
proxy_set_header Connection close;
|
|
proxy_set_header X-Request-Start "t=$${keepempty}msec";
|
|
proxy_set_header X-Forwarded-For $${keepempty}proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Real-IP $${keepempty}remote_addr;
|
|
proxy_pass http://localhost:8000;
|
|
}
|
|
}
|