diff options
author | Chocobozzz <me@florianbigard.com> | 2018-01-11 10:45:06 +0100 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2018-01-11 10:46:49 +0100 |
commit | 85cd9bde5a93500f973773f46680c07dd90d5912 (patch) | |
tree | ad8a59e03a51259b654ded57ff3dea6d4c302d73 /support/nginx | |
parent | 60650c77c8a2a98e92d869b237ae4900f369a8fc (diff) | |
download | PeerTube-85cd9bde5a93500f973773f46680c07dd90d5912.tar.gz PeerTube-85cd9bde5a93500f973773f46680c07dd90d5912.tar.zst PeerTube-85cd9bde5a93500f973773f46680c07dd90d5912.zip |
Remove unused webserver configuration
And update nginx configuration with a rate limit
Diffstat (limited to 'support/nginx')
-rw-r--r-- | support/nginx/peertube | 51 | ||||
-rw-r--r-- | support/nginx/peertube-https | 7 |
2 files changed, 5 insertions, 53 deletions
diff --git a/support/nginx/peertube b/support/nginx/peertube deleted file mode 100644 index 8120738f6..000000000 --- a/support/nginx/peertube +++ /dev/null | |||
@@ -1,51 +0,0 @@ | |||
1 | server { | ||
2 | listen 80; | ||
3 | server_name domain.tld; | ||
4 | |||
5 | location / { | ||
6 | proxy_pass http://localhost:9000; | ||
7 | proxy_set_header X-Real-IP $remote_addr; | ||
8 | proxy_set_header Host $host; | ||
9 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
10 | |||
11 | # For the video upload | ||
12 | client_max_body_size 2G; | ||
13 | proxy_connect_timeout 600; | ||
14 | proxy_send_timeout 600; | ||
15 | proxy_read_timeout 600; | ||
16 | } | ||
17 | |||
18 | # Bypass PeerTube webseed route for better performances | ||
19 | location /static/webseed { | ||
20 | if ($request_method = 'OPTIONS') { | ||
21 | add_header 'Access-Control-Allow-Origin' '*'; | ||
22 | add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS'; | ||
23 | add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; | ||
24 | add_header 'Access-Control-Max-Age' 1728000; | ||
25 | add_header 'Content-Type' 'text/plain charset=UTF-8'; | ||
26 | add_header 'Content-Length' 0; | ||
27 | return 204; | ||
28 | } | ||
29 | |||
30 | if ($request_method = 'GET') { | ||
31 | add_header 'Access-Control-Allow-Origin' '*'; | ||
32 | add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS'; | ||
33 | add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; | ||
34 | } | ||
35 | |||
36 | alias /your/installation/PeerTube/videos; | ||
37 | } | ||
38 | |||
39 | # Websocket tracker | ||
40 | location /tracker/socket { | ||
41 | # Peers send a message to the tracker every 15 minutes | ||
42 | # Don't close the websocket before this time | ||
43 | proxy_read_timeout 1200s; | ||
44 | proxy_set_header Upgrade $http_upgrade; | ||
45 | proxy_set_header Connection "upgrade"; | ||
46 | proxy_http_version 1.1; | ||
47 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
48 | proxy_set_header Host $host; | ||
49 | proxy_pass http://localhost:9000; | ||
50 | } | ||
51 | } | ||
diff --git a/support/nginx/peertube-https b/support/nginx/peertube-https index 794920280..c3465f74b 100644 --- a/support/nginx/peertube-https +++ b/support/nginx/peertube-https | |||
@@ -6,8 +6,8 @@ server { | |||
6 | } | 6 | } |
7 | 7 | ||
8 | server { | 8 | server { |
9 | listen 443 ssl http2; # spdy is deprecated on nginx | 9 | listen 443 ssl http2; |
10 | # listen [::]:443 ssl spdy; | 10 | # listen [::]:443 ssl http2; |
11 | server_name domain.tld; | 11 | server_name domain.tld; |
12 | 12 | ||
13 | # For example with Let's Encrypt | 13 | # For example with Let's Encrypt |
@@ -30,6 +30,9 @@ server { | |||
30 | 30 | ||
31 | # Bypass PeerTube webseed route for better performances | 31 | # Bypass PeerTube webseed route for better performances |
32 | location /static/webseed { | 32 | location /static/webseed { |
33 | # Clients usually have 4 simultaneous webseed connections, so the real limit is 3MB/s per client | ||
34 | limit_rate 800k; | ||
35 | |||
33 | if ($request_method = 'OPTIONS') { | 36 | if ($request_method = 'OPTIONS') { |
34 | add_header 'Access-Control-Allow-Origin' '*'; | 37 | add_header 'Access-Control-Allow-Origin' '*'; |
35 | add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS'; | 38 | add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS'; |