From f036b9c0da685d11e341d61e5aaeb75cac576111 Mon Sep 17 00:00:00 2001 From: Cullum Smith Date: Wed, 17 Jul 2024 06:45:00 -0400 Subject: add pkg_repository hostclass --- files/usr/local/etc/nginx/nginx.conf.common | 44 ++++++++++++++++++++ .../usr/local/etc/nginx/vhosts.conf.pkg_repository | 47 ++++++++++++++++++++++ 2 files changed, 91 insertions(+) create mode 100644 files/usr/local/etc/nginx/nginx.conf.common create mode 100644 files/usr/local/etc/nginx/vhosts.conf.pkg_repository (limited to 'files/usr/local/etc/nginx') diff --git a/files/usr/local/etc/nginx/nginx.conf.common b/files/usr/local/etc/nginx/nginx.conf.common new file mode 100644 index 0000000..b0a9a06 --- /dev/null +++ b/files/usr/local/etc/nginx/nginx.conf.common @@ -0,0 +1,44 @@ +worker_processes ${nginx_worker_processes}; +worker_rlimit_nofile ${nginx_nofile}; + +events { + worker_connections ${nginx_worker_connections}; +} + +http { + include mime.types; + default_type application/octet-stream; + index index.html; + + aio threads; + aio_write on; + sendfile on; + directio 4m; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + server_tokens off; + client_max_body_size 5m; + charset utf-8; + gzip on; + gzip_http_version 1.0; + gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript application/json image/svg+xml; + + proxy_buffers 64 32k; + proxy_busy_buffers_size 64k; + fastcgi_buffers 64 32k; + + ssl_session_timeout 1d; + ssl_session_cache shared:SSL:10m; + ssl_session_tickets off; + ssl_protocols TLSv1.3; + ssl_prefer_server_ciphers off; + + map \$http_upgrade \$connection_upgrade { + default upgrade; + '' keep-alive; + } + + include vhosts.conf; +} diff --git a/files/usr/local/etc/nginx/vhosts.conf.pkg_repository b/files/usr/local/etc/nginx/vhosts.conf.pkg_repository new file mode 100644 index 0000000..8177626 --- /dev/null +++ b/files/usr/local/etc/nginx/vhosts.conf.pkg_repository @@ -0,0 +1,47 @@ +server { + listen 0.0.0.0:80 default_server; + listen [::]:80 default_server; + server_name ${fqdn}; + root ${poudriere_data_dir}/data/packages; + + include mime.types; + types { + text/plain log; + } + + location /poudriere/ { + alias /usr/local/share/poudriere/html/; + + # Allow caching static resources + location ~* ^.+\.(jpg|jpeg|gif|png|ico|svg|woff|css|js|html)$ { + add_header Cache-Control "public"; + expires 2d; + } + + location /poudriere/data { + alias ${poudriere_data_dir}/data/logs/bulk; + + # Allow caching dynamic files but ensure they get rechecked + location ~* ^.+\.(log|txz|tbz|bz2|gz)$ { + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + } + + # Don't log json requests as they come in frequently and ensure + # caching works as expected + location ~* ^.+\.(json)$ { + add_header Cache-Control "public, must-revalidate, proxy-revalidate"; + access_log off; + log_not_found off; + } + + # Allow indexing only in log dirs + location ~ /poudriere/data/?.*/(logs|latest-per-pkg)/ { + autoindex on; + } + } + } + + location / { + autoindex on; + } +} -- cgit v1.2.3