From 85cd9bde5a93500f973773f46680c07dd90d5912 Mon Sep 17 00:00:00 2001
From: Chocobozzz <me@florianbigard.com>
Date: Thu, 11 Jan 2018 10:45:06 +0100
Subject: Remove unused webserver configuration

And update nginx configuration with a rate limit
---
 support/nginx/peertube       | 51 --------------------------------------------
 support/nginx/peertube-https |  7 ++++--
 2 files changed, 5 insertions(+), 53 deletions(-)
 delete mode 100644 support/nginx/peertube

(limited to 'support/nginx')

diff --git a/support/nginx/peertube b/support/nginx/peertube
deleted file mode 100644
index 8120738f6..000000000
--- a/support/nginx/peertube
+++ /dev/null
@@ -1,51 +0,0 @@
-server {
-  listen 80;
-  server_name domain.tld;
-
-  location / {
-    proxy_pass http://localhost:9000;
-    proxy_set_header X-Real-IP $remote_addr;
-    proxy_set_header Host $host;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-
-    # For the video upload
-    client_max_body_size 2G;
-    proxy_connect_timeout       600;
-    proxy_send_timeout          600;
-    proxy_read_timeout          600;
-  }
-
-  # Bypass PeerTube webseed route for better performances
-  location /static/webseed {
-    if ($request_method = 'OPTIONS') {
-      add_header 'Access-Control-Allow-Origin' '*';
-      add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
-      add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
-      add_header 'Access-Control-Max-Age' 1728000;
-      add_header 'Content-Type' 'text/plain charset=UTF-8';
-      add_header 'Content-Length' 0;
-      return 204;
-    }
-
-    if ($request_method = 'GET') {
-      add_header 'Access-Control-Allow-Origin' '*';
-      add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
-      add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
-    }
-
-    alias /your/installation/PeerTube/videos;
-  }
-
-  # Websocket tracker
-  location /tracker/socket {
-    # Peers send a message to the tracker every 15 minutes
-    # Don't close the websocket before this time
-    proxy_read_timeout 1200s;
-    proxy_set_header Upgrade $http_upgrade;
-    proxy_set_header Connection "upgrade";
-    proxy_http_version 1.1;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-    proxy_set_header Host $host;
-    proxy_pass http://localhost:9000;
-  }
-}
diff --git a/support/nginx/peertube-https b/support/nginx/peertube-https
index 794920280..c3465f74b 100644
--- a/support/nginx/peertube-https
+++ b/support/nginx/peertube-https
@@ -6,8 +6,8 @@ server {
 }
 
 server {
-  listen 443 ssl http2; # spdy is deprecated on nginx
-  # listen [::]:443 ssl spdy;
+  listen 443 ssl http2;
+  # listen [::]:443 ssl http2;
   server_name domain.tld;
 
   # For example with Let's Encrypt
@@ -30,6 +30,9 @@ server {
 
   # Bypass PeerTube webseed route for better performances
   location /static/webseed {
+    # Clients usually have 4 simultaneous webseed connections, so the real limit is 3MB/s per client
+    limit_rate 800k;
+
     if ($request_method = 'OPTIONS') {
       add_header 'Access-Control-Allow-Origin' '*';
       add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
-- 
cgit v1.2.3