u/ewong/rhodecode-enterprise-ce-fork Files · docs/admin/nginx-config-example.rst

vcs: Use a thread scoped cache invalidation context to cache repository objects....

vcs: Use a thread scoped cache invalidation context to cache repository objects. Without this change the cache is on a process scope. If running with multiple threads this leads to sharing the cached object between threads. This will cause exceptions if multiple threads are trying to access the same curl object. Even worse it allows multiple threads to operate on the same repository object concurrently.

marcink - - Load All Authors

File last commit:

r522:3662eb25 default


                r614:cbe55781

default

Download file

             nginx-config-example.rst
        
                    92 lines
            
             | 3.1 KiB
            
                | text/x-rst
            
             |
                RstLexer
            
             / docs / admin / nginx-config-example.rst
          
                    History
                
                 |
                  Source
                 | Raw
                 |Copy content
                 |Copy permalink

        marcink
    
project: added all source files and assets

              r1
            
      Nginx Configuration Example

      ---------------------------

      Use the following example to configure Nginx as a your web server.

      .. code-block:: nginx

          upstream rc {

        marcink
    
docs: updated apache/nginx configs

              r120
            
              server 127.0.0.1:10002;

        marcink
    
project: added all source files and assets

              r1
            
              # add more instances for load balancing

        marcink
    
docs: updated apache/nginx configs

              r120
            
              # server 127.0.0.1:10003;

              # server 127.0.0.1:10004;

        marcink
    
project: added all source files and assets

              r1
            
          }

          ## gist alias

          server {

              listen          443;

              server_name     gist.myserver.com;

              access_log      /var/log/nginx/gist.access.log;

              error_log       /var/log/nginx/gist.error.log;

              ssl on;

              ssl_certificate     gist.rhodecode.myserver.com.crt;

              ssl_certificate_key gist.rhodecode.myserver.com.key;

              ssl_session_timeout 5m;

              ssl_protocols SSLv3 TLSv1;

              ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;

              ssl_prefer_server_ciphers on;

              add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";

              # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits

              ssl_dhparam /etc/nginx/ssl/dhparam.pem;

              rewrite ^/(.+)$ https://rhodecode.myserver.com/_admin/gists/$1;

              rewrite (.*)    https://rhodecode.myserver.com/_admin/gists;

          }

          server {

              listen          443;

              server_name     rhodecode.myserver.com;

              access_log      /var/log/nginx/rhodecode.access.log;

              error_log       /var/log/nginx/rhodecode.error.log;

              ssl on;

              ssl_certificate     rhodecode.myserver.com.crt;

              ssl_certificate_key rhodecode.myserver.com.key;

              ssl_session_timeout 5m;

              ssl_protocols SSLv3 TLSv1;

              ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;

              ssl_prefer_server_ciphers on;

        dan
    
config: update ini/config files to account for /_static path

              r456
            
              include         /etc/nginx/proxy.conf;

        marcink
    
project: added all source files and assets

              r1
            
        dan
    
config: update ini/config files to account for /_static path

              r456
            
              ## uncomment to serve static files by nginx

        marcink
    
static: change static path to serve rhodecode static assets from...

              r522
            
              # location /_static/rhodecode {

        dan
    
docs: update example nginx/apache configs to use .rccontrol static path

              r457
            
              #    alias /path/to/.rccontrol/enterprise-1/static;

        dan
    
config: update ini/config files to account for /_static path

              r456
            
              # }

        marcink
    
docs: updated apache/nginx configs

              r120
            
        marcink
    
docs: added channelstream example

              r477
            
              ## channel stream live components

              location /_channelstream {

                  rewrite /_channelstream/(.*) /$1 break;

                  proxy_connect_timeout        10;

                  proxy_send_timeout           10m;

                  proxy_read_timeout           10m;

                  tcp_nodelay		             off;

                  proxy_pass                   http://127.0.0.1:9800;

                  proxy_set_header             Host $host;

                  proxy_set_header             X-Real-IP $remote_addr;

                  proxy_set_header	         X-Url-Scheme $scheme;

                  proxy_set_header	         X-Forwarded-Proto $scheme;

                  proxy_set_header 	         X-Forwarded-For $proxy_add_x_forwarded_for;

                  gzip                         off;

                  proxy_http_version           1.1;

                  proxy_set_header Upgrade     $http_upgrade;

                  proxy_set_header Connection  "upgrade";

              }

        marcink
    
docs: updated apache/nginx configs

              r120
            
              location / {

                  try_files $uri @rhode;

              }

        marcink
    
project: added all source files and assets

              r1
            
        marcink
    
docs: added channelstream example

              r477
            
              location @rhode {

                  proxy_pass      http://rc;

              }

        marcink
    
project: added all source files and assets

              r1
            
          }

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

marcink project: added all source files and assets	r1	Nginx Configuration Example
		---------------------------

		Use the following example to configure Nginx as a your web server.

		.. code-block:: nginx

		upstream rc {

marcink docs: updated apache/nginx configs	r120	server 127.0.0.1:10002;
marcink project: added all source files and assets	r1
		# add more instances for load balancing
marcink docs: updated apache/nginx configs	r120	# server 127.0.0.1:10003;
		# server 127.0.0.1:10004;
marcink project: added all source files and assets	r1	}

		## gist alias

		server {
		listen 443;
		server_name gist.myserver.com;
		access_log /var/log/nginx/gist.access.log;
		error_log /var/log/nginx/gist.error.log;

		ssl on;
		ssl_certificate gist.rhodecode.myserver.com.crt;
		ssl_certificate_key gist.rhodecode.myserver.com.key;

		ssl_session_timeout 5m;

		ssl_protocols SSLv3 TLSv1;
		ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
		ssl_prefer_server_ciphers on;
		add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";

		# Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
		ssl_dhparam /etc/nginx/ssl/dhparam.pem;

		rewrite ^/(.+)$ https://rhodecode.myserver.com/_admin/gists/$1;
		rewrite (.*) https://rhodecode.myserver.com/_admin/gists;
		}

		server {
		listen 443;
		server_name rhodecode.myserver.com;
		access_log /var/log/nginx/rhodecode.access.log;
		error_log /var/log/nginx/rhodecode.error.log;

		ssl on;
		ssl_certificate rhodecode.myserver.com.crt;
		ssl_certificate_key rhodecode.myserver.com.key;

		ssl_session_timeout 5m;

		ssl_protocols SSLv3 TLSv1;
		ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
		ssl_prefer_server_ciphers on;

dan config: update ini/config files to account for /_static path	r456	include /etc/nginx/proxy.conf;
marcink project: added all source files and assets	r1
dan config: update ini/config files to account for /_static path	r456	## uncomment to serve static files by nginx
marcink static: change static path to serve rhodecode static assets from...	r522	# location /_static/rhodecode {
dan docs: update example nginx/apache configs to use .rccontrol static path	r457	# alias /path/to/.rccontrol/enterprise-1/static;
dan config: update ini/config files to account for /_static path	r456	# }
marcink docs: updated apache/nginx configs	r120
marcink docs: added channelstream example	r477	## channel stream live components
		location /_channelstream {
		rewrite /_channelstream/(.*) /$1 break;
		proxy_connect_timeout 10;
		proxy_send_timeout 10m;
		proxy_read_timeout 10m;
		tcp_nodelay off;
		proxy_pass http://127.0.0.1:9800;
		proxy_set_header Host $host;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Url-Scheme $scheme;
		proxy_set_header X-Forwarded-Proto $scheme;
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		gzip off;
		proxy_http_version 1.1;
		proxy_set_header Upgrade $http_upgrade;
		proxy_set_header Connection "upgrade";
		}

marcink docs: updated apache/nginx configs	r120	location / {
		try_files $uri @rhode;
		}
marcink project: added all source files and assets	r1
marcink docs: added channelstream example	r477	location @rhode {
		proxy_pass http://rc;
		}
marcink project: added all source files and assets	r1	}