mirror of
https://gitlab.com/hagrid-keyserver/hagrid.git
synced 2023-02-13 20:55:02 -05:00
50 lines
1 KiB
Nginx Configuration File
50 lines
1 KiB
Nginx Configuration File
error_log stderr;
|
|
pid nginx.pid;
|
|
daemon off;
|
|
|
|
http {
|
|
geo $allowlist {
|
|
default 0;
|
|
# CIDR in the list below are using a more lenient limiter
|
|
1.2.3.4/32 1;
|
|
}
|
|
|
|
map $allowlist $limit {
|
|
0 $binary_remote_addr;
|
|
1 "";
|
|
}
|
|
|
|
map $allowlist $limit_loose {
|
|
1 $binary_remote_addr;
|
|
0 "";
|
|
}
|
|
|
|
# limit zones are used in hagrid-routes.conf
|
|
limit_req_zone $limit zone=search_email:10m rate=1r/s;
|
|
limit_req_zone $limit_loose zone=search_email_loose:10m rate=1r/m;
|
|
limit_req_zone $binary_remote_addr zone=search_fpr_keyid:10m rate=5r/s;
|
|
|
|
proxy_cache_path /tmp/nginx_cache use_temp_path=off keys_zone=static_cache:10m;
|
|
proxy_cache_valid 200 5m;
|
|
|
|
server {
|
|
listen 0.0.0.0:8090;
|
|
|
|
access_log stderr;
|
|
|
|
# To debug the rewrite rules, enable these directives:
|
|
# error_log stderr notice;
|
|
# rewrite_log on;
|
|
|
|
# include /etc/nginx/mime.types;
|
|
default_type application/octet-stream;
|
|
|
|
root dist/public;
|
|
|
|
include hagrid-routes.conf;
|
|
}
|
|
}
|
|
|
|
events {
|
|
worker_connections 4096;
|
|
}
|