2018-10-25 11:38:49 -04:00
|
|
|
error_log stderr;
|
2021-07-13 05:05:44 -04:00
|
|
|
pid nginx.pid;
|
2018-10-25 11:38:49 -04:00
|
|
|
daemon off;
|
|
|
|
|
|
|
|
|
|
http {
|
2021-07-13 05:05:44 -04:00
|
|
|
geo $allowlist {
|
|
|
|
|
default 0;
|
|
|
|
|
# CIDR in the list below are using a more lenient limiter
|
|
|
|
|
1.2.3.4/32 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
map $allowlist $limit {
|
|
|
|
|
0 $binary_remote_addr;
|
|
|
|
|
1 "";
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
map $allowlist $limit_loose {
|
|
|
|
|
1 $binary_remote_addr;
|
|
|
|
|
0 "";
|
|
|
|
|
}
|
2019-01-15 11:25:53 -05:00
|
|
|
|
2021-07-13 05:05:44 -04:00
|
|
|
# limit zones are used in hagrid-routes.conf
|
|
|
|
|
limit_req_zone $limit zone=search_email:10m rate=1r/s;
|
|
|
|
|
limit_req_zone $limit_loose zone=search_email_loose:10m rate=1r/m;
|
|
|
|
|
limit_req_zone $binary_remote_addr zone=search_fpr_keyid:10m rate=5r/s;
|
2019-02-26 06:58:21 -05:00
|
|
|
|
2021-07-14 06:32:14 -04:00
|
|
|
proxy_cache_path /tmp/nginx_cache use_temp_path=off keys_zone=static_cache:10m;
|
|
|
|
|
proxy_cache_valid 200 5m;
|
|
|
|
|
|
2018-10-25 11:38:49 -04:00
|
|
|
server {
|
2019-02-26 07:13:37 -05:00
|
|
|
listen 0.0.0.0:8090;
|
2018-10-25 11:38:49 -04:00
|
|
|
|
2021-07-13 05:05:44 -04:00
|
|
|
access_log stderr;
|
2018-10-25 11:38:49 -04:00
|
|
|
|
2019-02-26 07:57:41 -05:00
|
|
|
# To debug the rewrite rules, enable these directives:
|
2021-07-13 05:05:44 -04:00
|
|
|
# error_log stderr notice;
|
|
|
|
|
# rewrite_log on;
|
2019-02-26 07:57:41 -05:00
|
|
|
|
2021-07-13 05:05:44 -04:00
|
|
|
# include /etc/nginx/mime.types;
|
2018-10-25 11:38:49 -04:00
|
|
|
default_type application/octet-stream;
|
|
|
|
|
|
2018-11-02 06:48:02 -04:00
|
|
|
root dist/public;
|
2018-10-25 11:38:49 -04:00
|
|
|
|
2019-02-27 05:39:38 -05:00
|
|
|
include hagrid-routes.conf;
|
2018-10-25 11:38:49 -04:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
events {
|
|
|
|
|
worker_connections 4096;
|
|
|
|
|
}
|
