diff options
author | Chocobozzz <me@florianbigard.com> | 2018-01-18 17:44:13 +0100 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2018-01-18 17:45:49 +0100 |
commit | 5668bf2e51051c809d84b809e2644358fa5fd287 (patch) | |
tree | d49d87b8ce2fd182c831a5cda337c1eeaa067a12 | |
parent | 3e5002477a7643b79aae98ce5e507a7aced6cb8f (diff) | |
download | PeerTube-5668bf2e51051c809d84b809e2644358fa5fd287.tar.gz PeerTube-5668bf2e51051c809d84b809e2644358fa5fd287.tar.zst PeerTube-5668bf2e51051c809d84b809e2644358fa5fd287.zip |
nginx optimizations
-rw-r--r-- | support/doc/production.md | 21 | ||||
-rw-r--r-- | support/nginx/peertube | 21 |
2 files changed, 39 insertions, 3 deletions
diff --git a/support/doc/production.md b/support/doc/production.md index 716f42fbc..2d746bba5 100644 --- a/support/doc/production.md +++ b/support/doc/production.md | |||
@@ -56,8 +56,8 @@ Copy the nginx configuration template: | |||
56 | $ sudo cp /home/peertube/peertube-latest/support/nginx/peertube /etc/nginx/sites-available/peertube | 56 | $ sudo cp /home/peertube/peertube-latest/support/nginx/peertube /etc/nginx/sites-available/peertube |
57 | ``` | 57 | ``` |
58 | 58 | ||
59 | Then modify the webserver configuration file. Please pay attention to the `alias` key of `/static/webseed` location. | 59 | Then modify the webserver configuration file. Please pay attention to the `alias` keys of the static locations. |
60 | It should correspond to the path of your videos directory (set in the configuration file as `storage->videos` key). | 60 | It should correspond to the paths of your storage directories (set in the configuration file inside the `storage` key). |
61 | 61 | ||
62 | ``` | 62 | ``` |
63 | $ sudo vim /etc/nginx/sites-available/peertube | 63 | $ sudo vim /etc/nginx/sites-available/peertube |
@@ -97,6 +97,18 @@ server { | |||
97 | root /var/www/certbot; | 97 | root /var/www/certbot; |
98 | } | 98 | } |
99 | 99 | ||
100 | location ~ ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$ { | ||
101 | add_header Cache-Control "public, max-age=31536000, immutable"; | ||
102 | |||
103 | alias /home/peertube/peertube-latest/client/dist/$1; | ||
104 | } | ||
105 | |||
106 | location ~ ^/static/(thumbnails|avatars|previews)/(.*)$ { | ||
107 | add_header Cache-Control "public, max-age=31536000, immutable"; | ||
108 | |||
109 | alias /home/peertube/storage/$1/$2; | ||
110 | } | ||
111 | |||
100 | location / { | 112 | location / { |
101 | proxy_pass http://localhost:9000; | 113 | proxy_pass http://localhost:9000; |
102 | proxy_set_header X-Real-IP $remote_addr; | 114 | proxy_set_header X-Real-IP $remote_addr; |
@@ -127,6 +139,9 @@ server { | |||
127 | add_header 'Access-Control-Allow-Origin' '*'; | 139 | add_header 'Access-Control-Allow-Origin' '*'; |
128 | add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS'; | 140 | add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS'; |
129 | add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; | 141 | add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; |
142 | |||
143 | # Don't spam access log file with byte range requests | ||
144 | access_log off; | ||
130 | } | 145 | } |
131 | 146 | ||
132 | alias /home/peertube/storage/videos; | 147 | alias /home/peertube/storage/videos; |
@@ -219,7 +234,7 @@ The administrator password is automatically generated and can be found in the | |||
219 | logs. You can set another password with: | 234 | logs. You can set another password with: |
220 | 235 | ||
221 | ``` | 236 | ``` |
222 | $ NODE_ENV=production npm run reset-password -- -u root | 237 | $ cd /home/peertube/peertube-latest && NODE_ENV=production npm run reset-password -- -u root |
223 | ``` | 238 | ``` |
224 | 239 | ||
225 | ## Upgrade | 240 | ## Upgrade |
diff --git a/support/nginx/peertube b/support/nginx/peertube index f7be64424..8973f2f24 100644 --- a/support/nginx/peertube +++ b/support/nginx/peertube | |||
@@ -3,6 +3,9 @@ server { | |||
3 | # listen [::]:80; | 3 | # listen [::]:80; |
4 | server_name domain.tld; | 4 | server_name domain.tld; |
5 | 5 | ||
6 | access_log /var/log/nginx/peertube_access.log; | ||
7 | error_log /var/log/nginx/peertube_error.log; | ||
8 | |||
6 | location /.well-known/acme-challenge/ { allow all; } | 9 | location /.well-known/acme-challenge/ { allow all; } |
7 | location / { return 301 https://$host$request_uri; } | 10 | location / { return 301 https://$host$request_uri; } |
8 | } | 11 | } |
@@ -12,11 +15,26 @@ server { | |||
12 | # listen [::]:443 ssl http2; | 15 | # listen [::]:443 ssl http2; |
13 | server_name domain.tld; | 16 | server_name domain.tld; |
14 | 17 | ||
18 | access_log /var/log/nginx/peertube_access.log; | ||
19 | error_log /var/log/nginx/peertube_error.log; | ||
20 | |||
15 | # For example with Let's Encrypt | 21 | # For example with Let's Encrypt |
16 | ssl_certificate /etc/letsencrypt/live/domain.tld/fullchain.pem; | 22 | ssl_certificate /etc/letsencrypt/live/domain.tld/fullchain.pem; |
17 | ssl_certificate_key /etc/letsencrypt/live/domain.tld/privkey.pem; | 23 | ssl_certificate_key /etc/letsencrypt/live/domain.tld/privkey.pem; |
18 | ssl_trusted_certificate /etc/letsencrypt/live/domain.tld/chain.pem; | 24 | ssl_trusted_certificate /etc/letsencrypt/live/domain.tld/chain.pem; |
19 | 25 | ||
26 | location ~ ^/client/(.*\.(js|css|woff2|otf|ttf|woff|eot))$ { | ||
27 | add_header Cache-Control "public, max-age=31536000, immutable"; | ||
28 | |||
29 | alias /home/peertube/peertube-latest/client/dist/$1; | ||
30 | } | ||
31 | |||
32 | location ~ ^/static/(thumbnails|avatars|previews)/(.*)$ { | ||
33 | add_header Cache-Control "public, max-age=31536000, immutable"; | ||
34 | |||
35 | alias /home/peertube/storage/$1/$2; | ||
36 | } | ||
37 | |||
20 | location / { | 38 | location / { |
21 | proxy_pass http://localhost:9000; | 39 | proxy_pass http://localhost:9000; |
22 | proxy_set_header X-Real-IP $remote_addr; | 40 | proxy_set_header X-Real-IP $remote_addr; |
@@ -49,6 +67,9 @@ server { | |||
49 | add_header 'Access-Control-Allow-Origin' '*'; | 67 | add_header 'Access-Control-Allow-Origin' '*'; |
50 | add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS'; | 68 | add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS'; |
51 | add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; | 69 | add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; |
70 | |||
71 | # Don't spam access log file with byte range requests | ||
72 | access_log off; | ||
52 | } | 73 | } |
53 | 74 | ||
54 | alias /home/peertube/storage/videos; | 75 | alias /home/peertube/storage/videos; |