From 75f6e5e8b7e0408241a633daba7fde8b51dde8ca Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Mon, 21 Sep 2020 16:10:31 -0500 Subject: [PATCH 1/4] Add FedSockets config --- installation/pleroma.nginx | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/installation/pleroma.nginx b/installation/pleroma.nginx index d301ca615..a3b3394f1 100644 --- a/installation/pleroma.nginx +++ b/installation/pleroma.nginx @@ -63,6 +63,7 @@ server { # the nginx default is 1m, not enough for large media uploads client_max_body_size 16m; + ignore_invalid_headers off; location / { proxy_http_version 1.1; @@ -91,4 +92,17 @@ server { chunked_transfer_encoding on; proxy_pass http://127.0.0.1:4000; } + + location /api/fedsocket/v1 { + proxy_http_version 1.1; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + + # The Important Websocket Bits! + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_request_buffering off; + proxy_pass http://127.0.0.1:4000/api/fedsocket/v1; + } } From 2b553b8f8e7cf01d8530b905c48b97b815098cd9 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Mon, 21 Sep 2020 16:11:01 -0500 Subject: [PATCH 2/4] Remove duplicate setting --- installation/pleroma.nginx | 2 -- 1 file changed, 2 deletions(-) diff --git a/installation/pleroma.nginx b/installation/pleroma.nginx index a3b3394f1..ce74f46e1 100644 --- a/installation/pleroma.nginx +++ b/installation/pleroma.nginx @@ -75,8 +75,6 @@ server { # this is explicitly IPv4 since Pleroma.Web.Endpoint binds on IPv4 only # and `localhost.` resolves to [::0] on some systems: see issue #930 proxy_pass http://127.0.0.1:4000; - - client_max_body_size 16m; } location ~ ^/(media|proxy) { From ade7fede7134d0e05c91ef48d52e48e64fd6dd98 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Mon, 21 Sep 2020 16:13:45 -0500 Subject: [PATCH 3/4] Most proxy settings can be global --- installation/pleroma.nginx | 21 ++++++--------------- 1 file changed, 6 insertions(+), 15 deletions(-) diff --git a/installation/pleroma.nginx b/installation/pleroma.nginx index ce74f46e1..5517e3fc3 100644 --- a/installation/pleroma.nginx +++ b/installation/pleroma.nginx @@ -65,13 +65,13 @@ server { client_max_body_size 16m; ignore_invalid_headers off; - location / { - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_set_header Host $http_host; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + location / { # this is explicitly IPv4 since Pleroma.Web.Endpoint binds on IPv4 only # and `localhost.` resolves to [::0] on some systems: see issue #930 proxy_pass http://127.0.0.1:4000; @@ -82,7 +82,6 @@ server { slice 1m; proxy_cache_key $host$uri$is_args$args$slice_range; proxy_set_header Range $slice_range; - proxy_http_version 1.1; proxy_cache_valid 200 206 301 304 1h; proxy_cache_lock on; proxy_ignore_client_abort on; @@ -92,14 +91,6 @@ server { } location /api/fedsocket/v1 { - proxy_http_version 1.1; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header Host $host; - - # The Important Websocket Bits! - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; proxy_request_buffering off; proxy_pass http://127.0.0.1:4000/api/fedsocket/v1; } From 8906f30ba16bdd91ac51ab9d4568c19070c270d5 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Mon, 21 Sep 2020 16:19:08 -0500 Subject: [PATCH 4/4] Use an upstream for reverse proxy so future modifications are simplified --- installation/pleroma.nginx | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/installation/pleroma.nginx b/installation/pleroma.nginx index 5517e3fc3..d613befd2 100644 --- a/installation/pleroma.nginx +++ b/installation/pleroma.nginx @@ -9,6 +9,12 @@ proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=10g inactive=720m use_temp_path=off; +# this is explicitly IPv4 since Pleroma.Web.Endpoint binds on IPv4 only +# and `localhost.` resolves to [::0] on some systems: see issue #930 +upstream phoenix { + server 127.0.0.1:4000 max_fails=5 fail_timeout=60s; +} + server { server_name example.tld; @@ -72,9 +78,7 @@ server { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; location / { - # this is explicitly IPv4 since Pleroma.Web.Endpoint binds on IPv4 only - # and `localhost.` resolves to [::0] on some systems: see issue #930 - proxy_pass http://127.0.0.1:4000; + proxy_pass http://phoenix; } location ~ ^/(media|proxy) { @@ -87,11 +91,11 @@ server { proxy_ignore_client_abort on; proxy_buffering on; chunked_transfer_encoding on; - proxy_pass http://127.0.0.1:4000; + proxy_pass http://phoenix; } location /api/fedsocket/v1 { proxy_request_buffering off; - proxy_pass http://127.0.0.1:4000/api/fedsocket/v1; + proxy_pass http://phoenix/api/fedsocket/v1; } }