##// END OF EJS Templates
docs: updated apache/nginx configs
marcink -
r120:abd64f5a default
parent child Browse files
Show More
@@ -1,33 +1,33 b''
1 Apache Reverse Proxy
1 Apache Reverse Proxy
2 ^^^^^^^^^^^^^^^^^^^^
2 ^^^^^^^^^^^^^^^^^^^^
3
3
4 Here is a sample configuration file for using Apache as a reverse proxy.
4 Here is a sample configuration file for using Apache as a reverse proxy.
5
5
6 .. code-block:: apache
6 .. code-block:: apache
7
7
8 <VirtualHost *:80>
8 <VirtualHost *:80>
9 ServerName hg.myserver.com
9 ServerName hg.myserver.com
10 ServerAlias hg.myserver.com
10 ServerAlias hg.myserver.com
11
11
12 ## uncomment root directive if you want to serve static files by nginx
12 ## uncomment root directive if you want to serve static files by
13 ## requires static_files = false in .ini file
13 ## Apache requires static_files = false in .ini file
14 DocumentRoot /path/to/installation/rhodecode/public
14 #DocumentRoot /path/to/rhodecode/installation/public
15
15
16 <Proxy *>
16 <Proxy *>
17 Order allow,deny
17 Order allow,deny
18 Allow from all
18 Allow from all
19 </Proxy>
19 </Proxy>
20
20
21 #important !
21 ## Important !
22 #Directive to properly generate url (clone url) for pylons
22 ## Directive to properly generate url (clone url) for pylons
23 ProxyPreserveHost On
23 ProxyPreserveHost On
24
24
25 #rhodecode instance
25 ## RhodeCode instance running
26 ProxyPass / http://127.0.0.1:5000/
26 ProxyPass / http://127.0.0.1:10002/
27 ProxyPassReverse / http://127.0.0.1:5000/
27 ProxyPassReverse / http://127.0.0.1:10002/
28
28
29 #to enable https use line below
29 ## to enable https use line below
30 #SetEnvIf X-Url-Scheme https HTTPS=1
30 #SetEnvIf X-Url-Scheme https HTTPS=1
31
31
32 </VirtualHost>
32 </VirtualHost>
33
33
@@ -1,71 +1,72 b''
1 Nginx Configuration Example
1 Nginx Configuration Example
2 ---------------------------
2 ---------------------------
3
3
4 Use the following example to configure Nginx as a your web server.
4 Use the following example to configure Nginx as a your web server.
5
5
6 .. code-block:: nginx
6 .. code-block:: nginx
7
7
8 upstream rc {
8 upstream rc {
9
9
10 server 127.0.0.1:5000;
10 server 127.0.0.1:10002;
11
11
12 # add more instances for load balancing
12 # add more instances for load balancing
13 # server 127.0.0.1:5001;
13 # server 127.0.0.1:10003;
14 # server 127.0.0.1:5002;
14 # server 127.0.0.1:10004;
15 }
15 }
16
16
17 ## gist alias
17 ## gist alias
18
18
19 server {
19 server {
20 listen 443;
20 listen 443;
21 server_name gist.myserver.com;
21 server_name gist.myserver.com;
22 access_log /var/log/nginx/gist.access.log;
22 access_log /var/log/nginx/gist.access.log;
23 error_log /var/log/nginx/gist.error.log;
23 error_log /var/log/nginx/gist.error.log;
24
24
25 ssl on;
25 ssl on;
26 ssl_certificate gist.rhodecode.myserver.com.crt;
26 ssl_certificate gist.rhodecode.myserver.com.crt;
27 ssl_certificate_key gist.rhodecode.myserver.com.key;
27 ssl_certificate_key gist.rhodecode.myserver.com.key;
28
28
29 ssl_session_timeout 5m;
29 ssl_session_timeout 5m;
30
30
31 ssl_protocols SSLv3 TLSv1;
31 ssl_protocols SSLv3 TLSv1;
32 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
32 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
33 ssl_prefer_server_ciphers on;
33 ssl_prefer_server_ciphers on;
34 add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
34 add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
35
35
36 # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
36 # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
37 ssl_dhparam /etc/nginx/ssl/dhparam.pem;
37 ssl_dhparam /etc/nginx/ssl/dhparam.pem;
38
38
39 rewrite ^/(.+)$ https://rhodecode.myserver.com/_admin/gists/$1;
39 rewrite ^/(.+)$ https://rhodecode.myserver.com/_admin/gists/$1;
40 rewrite (.*) https://rhodecode.myserver.com/_admin/gists;
40 rewrite (.*) https://rhodecode.myserver.com/_admin/gists;
41 }
41 }
42
42
43 server {
43 server {
44 listen 443;
44 listen 443;
45 server_name rhodecode.myserver.com;
45 server_name rhodecode.myserver.com;
46 access_log /var/log/nginx/rhodecode.access.log;
46 access_log /var/log/nginx/rhodecode.access.log;
47 error_log /var/log/nginx/rhodecode.error.log;
47 error_log /var/log/nginx/rhodecode.error.log;
48
48
49 ssl on;
49 ssl on;
50 ssl_certificate rhodecode.myserver.com.crt;
50 ssl_certificate rhodecode.myserver.com.crt;
51 ssl_certificate_key rhodecode.myserver.com.key;
51 ssl_certificate_key rhodecode.myserver.com.key;
52
52
53 ssl_session_timeout 5m;
53 ssl_session_timeout 5m;
54
54
55 ssl_protocols SSLv3 TLSv1;
55 ssl_protocols SSLv3 TLSv1;
56 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
56 ssl_ciphers DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5;
57 ssl_prefer_server_ciphers on;
57 ssl_prefer_server_ciphers on;
58
58
59 ## uncomment root directive if you want to serve static files by nginx
59 ## uncomment root directive if you want to serve static files by nginx
60 ## requires static_files = false in .ini file
60 ## requires static_files = false in .ini file
61 # root /path/to/installation/rhodecode/public;
61 # root /path/to/rhodecode/installation/public;
62
62
63 include /etc/nginx/proxy.conf;
63 include /etc/nginx/proxy.conf;
64
64 location / {
65 location / {
65 try_files $uri @rhode;
66 try_files $uri @rhode;
66 }
67 }
67
68
68 location @rhode {
69 location @rhode {
69 proxy_pass http://rc;
70 proxy_pass http://rc;
70 }
71 }
71 }
72 }
General Comments 0
You need to be logged in to leave comments. Login now