2
0
mirror of https://github.com/frappe/frappe_docker.git synced 2024-12-26 11:37:33 +00:00
frappe_docker/build/common/nginx-default.conf.template

119 lines
3.5 KiB
Plaintext
Raw Normal View History

upstream frappe-server {
server ${FRAPPE_PY}:${FRAPPE_PY_PORT} fail_timeout=0;
2020-02-10 08:00:54 +00:00
}
upstream socketio-server {
server ${FRAPPE_SOCKETIO}:${SOCKETIO_PORT} fail_timeout=0;
2020-02-10 08:00:54 +00:00
}
# Parse the X-Forwarded-Proto header - if set - defaulting to $scheme.
map $http_x_forwarded_proto $proxy_x_forwarded_proto {
default $scheme;
https https;
}
2020-02-10 08:00:54 +00:00
server {
listen 80;
server_name $http_host;
root /var/www/html;
add_header X-Frame-Options "SAMEORIGIN";
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
# Define ${UPSTREAM_REAL_IP_ADDRESS} as our trusted upstream address, so we will be using
# its ${UPSTREAM_REAL_IP_HEADER} address as our remote address
set_real_ip_from ${UPSTREAM_REAL_IP_ADDRESS};
real_ip_header ${UPSTREAM_REAL_IP_HEADER};
real_ip_recursive ${UPSTREAM_REAL_IP_RECURSIVE};
2020-02-10 08:00:54 +00:00
location /assets {
try_files $uri =404;
}
location ~ ^/protected/(.*) {
internal;
try_files /sites/$http_host/$1 =404;
}
location /socket.io {
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto;
2020-02-10 08:00:54 +00:00
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
Changed X-Frappe-Site-Name header to use value from `$host` instead of `$http_host` in nginx configuration ISSUE ----- `$http_host` is used for setting header 'X-Frappe-Site-Name' which adds port number to the header along with the host value. Frappe source app.py expects the header value to contain only the host name and not the port number. So `$host` should be used instead of `$http_host` to set the 'X-Frappe-Site-Name' header `$http_host` vs `$host` in nginx -------------------------------- `$http_host` contains the host name along with port number whereas `$host` contains only the host name in lowercase without the port number. > `$host` - This variable is equal to line Host in the header of request or > name of the server processing the request if the Host header is not available. > This variable may have a different value from $http_host in such cases: > * when the Host input header is absent or has an empty value, > `$host` equals to the value of server_name directive; > * when the value of Host contains port number, `$host` doesn't include > that port number. $host's value is always lowercase since 0.8.17. > - [$host vs $http_host stackoverflow](https://stackoverflow.com/questions/15414810/whats-the-difference-of-host-and-http-host-in-nginx) From the frappe source file [app.py](https://github.com/frappe/frappe/blob/develop/frappe/app.py#L107), X-Frappe-Site-Name is used if its set. ```Python site = _site or request.headers.get('X-Frappe-Site-Name') or get_site_name(request.host) ``` Since `$host` variable will never contain port number which is not the case with `$http_host`, `$host` should be used for setting the header 'X-Frappe-Site-Name'. Otherwise we have issues with site serving. Tested the above changes in compose as well as in swarm environment. In compose, tested the site with host mapping of 80 and 8000. Works with both the host port mapping. Tested with erpnext version - v12.5.2 Changes to be committed: modified: build/common/nginx-default.conf.template
2020-04-09 13:28:34 +00:00
proxy_set_header X-Frappe-Site-Name $host;
proxy_set_header Origin $proxy_x_forwarded_proto://$http_host;
Changed X-Frappe-Site-Name header to use value from `$host` instead of `$http_host` in nginx configuration ISSUE ----- `$http_host` is used for setting header 'X-Frappe-Site-Name' which adds port number to the header along with the host value. Frappe source app.py expects the header value to contain only the host name and not the port number. So `$host` should be used instead of `$http_host` to set the 'X-Frappe-Site-Name' header `$http_host` vs `$host` in nginx -------------------------------- `$http_host` contains the host name along with port number whereas `$host` contains only the host name in lowercase without the port number. > `$host` - This variable is equal to line Host in the header of request or > name of the server processing the request if the Host header is not available. > This variable may have a different value from $http_host in such cases: > * when the Host input header is absent or has an empty value, > `$host` equals to the value of server_name directive; > * when the value of Host contains port number, `$host` doesn't include > that port number. $host's value is always lowercase since 0.8.17. > - [$host vs $http_host stackoverflow](https://stackoverflow.com/questions/15414810/whats-the-difference-of-host-and-http-host-in-nginx) From the frappe source file [app.py](https://github.com/frappe/frappe/blob/develop/frappe/app.py#L107), X-Frappe-Site-Name is used if its set. ```Python site = _site or request.headers.get('X-Frappe-Site-Name') or get_site_name(request.host) ``` Since `$host` variable will never contain port number which is not the case with `$http_host`, `$host` should be used for setting the header 'X-Frappe-Site-Name'. Otherwise we have issues with site serving. Tested the above changes in compose as well as in swarm environment. In compose, tested the site with host mapping of 80 and 8000. Works with both the host port mapping. Tested with erpnext version - v12.5.2 Changes to be committed: modified: build/common/nginx-default.conf.template
2020-04-09 13:28:34 +00:00
proxy_set_header Host $http_host;
2020-02-10 08:00:54 +00:00
proxy_pass http://socketio-server;
}
location / {
rewrite ^(.+)/$ $1 permanent;
rewrite ^(.+)/index\.html$ $1 permanent;
rewrite ^(.+)\.html$ $1 permanent;
location ~ ^/files/.*.(htm|html|svg|xml) {
add_header Content-disposition "attachment";
try_files /sites/$http_host/public/$uri @webserver;
}
2020-02-10 08:00:54 +00:00
try_files /sites/$http_host/public/$uri @webserver;
}
location @webserver {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto;
Changed X-Frappe-Site-Name header to use value from `$host` instead of `$http_host` in nginx configuration ISSUE ----- `$http_host` is used for setting header 'X-Frappe-Site-Name' which adds port number to the header along with the host value. Frappe source app.py expects the header value to contain only the host name and not the port number. So `$host` should be used instead of `$http_host` to set the 'X-Frappe-Site-Name' header `$http_host` vs `$host` in nginx -------------------------------- `$http_host` contains the host name along with port number whereas `$host` contains only the host name in lowercase without the port number. > `$host` - This variable is equal to line Host in the header of request or > name of the server processing the request if the Host header is not available. > This variable may have a different value from $http_host in such cases: > * when the Host input header is absent or has an empty value, > `$host` equals to the value of server_name directive; > * when the value of Host contains port number, `$host` doesn't include > that port number. $host's value is always lowercase since 0.8.17. > - [$host vs $http_host stackoverflow](https://stackoverflow.com/questions/15414810/whats-the-difference-of-host-and-http-host-in-nginx) From the frappe source file [app.py](https://github.com/frappe/frappe/blob/develop/frappe/app.py#L107), X-Frappe-Site-Name is used if its set. ```Python site = _site or request.headers.get('X-Frappe-Site-Name') or get_site_name(request.host) ``` Since `$host` variable will never contain port number which is not the case with `$http_host`, `$host` should be used for setting the header 'X-Frappe-Site-Name'. Otherwise we have issues with site serving. Tested the above changes in compose as well as in swarm environment. In compose, tested the site with host mapping of 80 and 8000. Works with both the host port mapping. Tested with erpnext version - v12.5.2 Changes to be committed: modified: build/common/nginx-default.conf.template
2020-04-09 13:28:34 +00:00
proxy_set_header X-Frappe-Site-Name $host;
proxy_set_header Host $http_host;
2020-02-10 08:00:54 +00:00
proxy_set_header X-Use-X-Accel-Redirect True;
proxy_read_timeout ${HTTP_TIMEOUT};
2020-02-10 08:00:54 +00:00
proxy_redirect off;
proxy_pass http://frappe-server;
2020-02-10 08:00:54 +00:00
}
# error pages
error_page 502 /502.html;
location /502.html {
root /var/www/templates;
internal;
}
# optimizations
sendfile on;
keepalive_timeout 15;
client_max_body_size 50m;
client_body_buffer_size 16K;
client_header_buffer_size 1k;
# enable gzip compresion
# based on https://mattstauffer.co/blog/enabling-gzip-on-nginx-servers-including-laravel-forge
gzip on;
gzip_http_version 1.1;
gzip_comp_level 5;
gzip_min_length 256;
gzip_proxied any;
gzip_vary on;
gzip_types
application/atom+xml
application/javascript
application/json
application/rss+xml
application/vnd.ms-fontobject
application/x-font-ttf
application/font-woff
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/svg+xml
image/x-icon
text/css
text/plain
text/x-component;
# text/html is always compressed by HttpGzipModule
}