From 81dda4f6cca091c4089820da4027005823fdb10b Mon Sep 17 00:00:00 2001 From: TLSM Date: Sun, 2 Oct 2022 14:27:18 -0400 Subject: [PATCH] Serve static user content with nginx. --- files/routes/static.py | 6 ++++ nginx-serve-static.txt | 8 +++++ nginx.txt | 66 +++++++++++++++++++++++++----------------- ubuntu_setup.sh | 2 ++ 4 files changed, 56 insertions(+), 26 deletions(-) create mode 100644 nginx-serve-static.txt diff --git a/files/routes/static.py b/files/routes/static.py index 705a6681f..bc7adb1d5 100644 --- a/files/routes/static.py +++ b/files/routes/static.py @@ -297,6 +297,10 @@ def static_service(path): return resp +### BEGIN FALLBACK ASSET SERVING +# In production, we have nginx serve these locations now. +# These routes stay for local testing. Requests don't reach them on prod. + @app.get('/images/') @app.get('/hostedimages/') @app.get("/static/images/") @@ -325,6 +329,8 @@ def audio(path): resp.headers.add("Cache-Control", "public, max-age=3153600") return resp +### END FALLBACK ASSET SERVING + @app.get("/robots.txt") def robots_txt(): return send_file("assets/robots.txt") diff --git a/nginx-serve-static.txt b/nginx-serve-static.txt new file mode 100644 index 000000000..545534ad6 --- /dev/null +++ b/nginx-serve-static.txt @@ -0,0 +1,8 @@ +root /; +try_files $uri =404; +add_header 'Cache-Control' "public, max-age=3153600"; + +sendfile on; +sendfile_max_chunk 1m; +tcp_nopush on; +directio 4m; diff --git a/nginx.txt b/nginx.txt index aec8278e8..160ab3ec9 100644 --- a/nginx.txt +++ b/nginx.txt @@ -1,28 +1,42 @@ server { - server_name rdrama.net; - client_max_body_size 100m; - listen 443 ssl; - listen [::]:443 ssl; - ssl_certificate '/rdrama.pem'; - ssl_certificate_key '/rdrama.key'; - proxy_set_header Host $host; + server_name rdrama.net; + client_max_body_size 100m; + listen 443 ssl; + listen [::]:443 ssl; + ssl_certificate '/rdrama.pem'; + ssl_certificate_key '/rdrama.key'; + proxy_set_header Host $host; - location / { - proxy_pass http://localhost:5000/; - } - location /socket.io { - include proxy_params; - proxy_http_version 1.1; - proxy_buffering off; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; - proxy_pass http://127.0.0.1:5001/socket.io; - } - location /chat { - proxy_pass http://127.0.0.1:5001/chat; - } - error_page 502 = /error_page/502.html; - location /error_page/ { - alias /rDrama/files/templates/errors/; - } -} \ No newline at end of file + location / { + proxy_pass http://localhost:5000/; + } + location /socket.io { + include proxy_params; + proxy_http_version 1.1; + proxy_buffering off; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_pass http://127.0.0.1:5001/socket.io; + } + location /chat { + proxy_pass http://127.0.0.1:5001/chat; + } + + location /images/ { + include includes/serve-static; + } + location /videos/ { + include includes/serve-static; + } + location /audio/ { + include includes/serve-static; + } + location /asset_submissions/ { + include includes/serve-static; + } + + error_page 502 = /error_page/502.html; + location /error_page/ { + alias /rDrama/files/templates/errors/; + } +} diff --git a/ubuntu_setup.sh b/ubuntu_setup.sh index 3d930fc10..dbbc1f0f2 100644 --- a/ubuntu_setup.sh +++ b/ubuntu_setup.sh @@ -28,7 +28,9 @@ chown postgres:postgres /etc/postgresql/14/main/pg_hba.conf sudo rm /etc/nginx/sites-available -r sudo rm /etc/nginx/sites-enabled/default +sudo mkdir /etc/nginx/includes sudo cp nginx.txt /etc/nginx/sites-enabled/1 +sudo cp nginx-serve-static.txt /etc/nginx/includes/serve-static psql -U postgres -f schema.sql postgres psql -U postgres -f seed-db.sql postgres