2019-01-06 21:27:17 +01:00
|
|
|
upstream cms-backend {
|
|
|
|
server cms:8000 fail_timeout=0;
|
|
|
|
}
|
|
|
|
|
2018-09-02 12:35:59 +08:00
|
|
|
{% if ACTIVATE_HTTPS %}
|
2017-07-03 12:39:19 +02:00
|
|
|
server {
|
2018-09-02 12:35:59 +08:00
|
|
|
server_name {{ CMS_HOST }};
|
|
|
|
listen 80;
|
|
|
|
return 301 https://$server_name$request_uri;
|
|
|
|
}
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
server {
|
|
|
|
listen {{ "443 ssl" if ACTIVATE_HTTPS else "80" }};
|
2018-08-05 16:40:51 +02:00
|
|
|
server_name studio.localhost {{ CMS_HOST }};
|
2018-09-02 12:35:59 +08:00
|
|
|
|
|
|
|
{% if ACTIVATE_HTTPS %}
|
|
|
|
ssl_certificate /etc/letsencrypt/live/{{ LMS_HOST }}/fullchain.pem;
|
|
|
|
ssl_certificate_key /etc/letsencrypt/live/{{ LMS_HOST }}/privkey.pem;
|
|
|
|
{% endif %}
|
|
|
|
|
2017-07-24 11:32:50 +02:00
|
|
|
client_max_body_size 100M;
|
2017-07-03 12:39:19 +02:00
|
|
|
|
|
|
|
rewrite ^(.*)/favicon.ico$ /static/images/favicon.ico last;
|
|
|
|
|
|
|
|
# Disables server version feedback on pages and in headers
|
|
|
|
server_tokens off;
|
2018-12-03 19:59:09 +01:00
|
|
|
# Prevent invalid display courseware in IE 10+ with high privacy settings
|
|
|
|
add_header P3P 'CP="Open edX does not have a P3P policy."';
|
2017-07-03 12:39:19 +02:00
|
|
|
|
2017-07-24 11:32:50 +02:00
|
|
|
location @proxy_to_cms_app {
|
2017-07-03 12:39:19 +02:00
|
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
proxy_set_header X-Forwarded-Port $server_port;
|
|
|
|
proxy_set_header X-Forwarded-For $remote_addr;
|
|
|
|
proxy_set_header Host $http_host;
|
|
|
|
proxy_redirect off;
|
2018-04-19 21:16:51 +02:00
|
|
|
|
2019-01-06 21:27:17 +01:00
|
|
|
proxy_pass http://cms-backend;
|
2017-07-03 12:39:19 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
location / {
|
2017-07-24 11:32:50 +02:00
|
|
|
try_files $uri @proxy_to_cms_app;
|
2017-07-03 12:39:19 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
location ~ ^/static/(?P<file>.*) {
|
2018-12-24 08:54:32 +01:00
|
|
|
root /var/www/openedx;
|
2017-07-03 12:39:19 +02:00
|
|
|
try_files /staticfiles/$file /course_static/$file =404;
|
|
|
|
|
|
|
|
# return a 403 for static files that shouldn't be
|
|
|
|
# in the staticfiles directory
|
|
|
|
location ~ ^/static/(?:.*)(?:\.xml|\.json|README.TXT) {
|
|
|
|
return 403;
|
|
|
|
}
|
|
|
|
|
|
|
|
# Set django-pipelined files to maximum cache time
|
|
|
|
location ~ "/static/(?P<collected>.*\.[0-9a-f]{12}\..*)" {
|
|
|
|
expires max;
|
|
|
|
try_files /staticfiles/$collected /course_static/$collected =404;
|
|
|
|
}
|
|
|
|
location ~ "/static/(?P<collected>[0-9a-f]{7}/.*)" {
|
|
|
|
expires max;
|
|
|
|
try_files /staticfiles/$collected /course_static/$collected =404;
|
|
|
|
}
|
|
|
|
|
|
|
|
# Expire other static files immediately (there should be very few / none of these)
|
|
|
|
expires epoch;
|
|
|
|
}
|
|
|
|
}
|