extras/docker-compose/nginx_site.conf
upstream myblog {
server middleware:3031;
}
server {
listen 80;
server_name anthony-monthe.me;
add_header Strict-Transport-Security max-age=15768000;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name anthony-monthe.me;
# Log
access_log /var/log/nginx/myblog.log;
error_log /var/log/nginx/myblog.err.log warn;
# Misc
client_max_body_size 10M;
# SSL
ssl on;
ssl_certificate /ssl/myblog.crt;
ssl_certificate_key /ssl/myblog.key;
ssl_dhparam /ssl/dhparam.pem;
location / {
uwsgi_pass myblog;
include uwsgi_params;
}
location = /robots.txt {
root /var/www/;
access_log off;
log_not_found off;
}
location ~ ^/static/ {
root /;
autoindex on;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
location ~ ^/media/ {
proxy_pass https://media.anthony-monthe.me;
proxy_redirect off;
proxy_set_header X-Forwarded-For $remote_addr;
}
location ~ /\. { access_log off; log_not_found off; deny all; }
location ~ ~$ { access_log off; log_not_found off; deny all; }
}