InvenTree/docker/production/nginx.prod.conf
Matthias Mair aa2f5e330a
Make nginx more clear that changing the port is 'dangerous' (#4880)
* Make nginx more clear that changing the port is 'dangerous'
See https://github.com/inventree/InvenTree/issues/4859#issuecomment-1560025566

* also add note to prod docker-compose
2023-05-24 09:05:16 +10:00

65 lines
1.6 KiB
Plaintext

server {
# Listen for connection on (internal) port 80
listen 80;
real_ip_header proxy_protocol;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-By $server_addr:$server_port;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header CLIENT_IP $remote_addr;
proxy_pass_request_headers on;
proxy_redirect off;
client_max_body_size 100M;
proxy_buffering off;
proxy_request_buffering off;
# Do not touch this unless you have a specific reason - this and the docker-compose need to match
proxy_pass http://inventree-server:8000;
}
# Redirect any requests for static files
location /static/ {
alias /var/www/static/;
autoindex on;
# Caching settings
expires 30d;
add_header Pragma public;
add_header Cache-Control "public";
}
# Redirect any requests for media files
location /media/ {
alias /var/www/media/;
# Media files require user authentication
auth_request /auth;
# Content header to force download
add_header Content-disposition "attachment";
}
# Use the 'user' API endpoint for auth
location /auth {
internal;
proxy_pass http://inventree-server:8000/auth/;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
proxy_set_header X-Original-URI $request_uri;
}
}