93 lines
2.6 KiB
Plaintext
93 lines
2.6 KiB
Plaintext
{% if ACTIVATE_LMS %}
|
|
upstream lms-backend {
|
|
server lms:8000 fail_timeout=0;
|
|
}
|
|
|
|
{% if ACTIVATE_HTTPS %}
|
|
server {
|
|
server_name {{ LMS_HOST }} preview.{{ LMS_HOST }};
|
|
listen 80;
|
|
access_log /var/log/nginx/access.log tutor;
|
|
return 301 https://$server_name$request_uri;
|
|
}
|
|
{% endif %}
|
|
|
|
server {
|
|
{% if ACTIVATE_HTTPS %}listen 443 {{ "" if WEB_PROXY else "ssl" }};{% else %}listen 80;{% endif %}
|
|
server_name {{ LMS_HOST }} preview.{{ LMS_HOST }};
|
|
|
|
{% if ACTIVATE_HTTPS and not WEB_PROXY %}
|
|
ssl_certificate /etc/letsencrypt/live/{{ LMS_HOST }}/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/{{ LMS_HOST }}/privkey.pem;
|
|
{% endif %}
|
|
|
|
access_log /var/log/nginx/access.log tutor;
|
|
client_max_body_size 4M;
|
|
server_tokens off;
|
|
|
|
rewrite ^(.*)/favicon.ico$ /static/images/favicon.ico last;
|
|
|
|
location @proxy_to_lms_app {
|
|
{% if not WEB_PROXY %}
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Forwarded-Port $server_port;
|
|
proxy_set_header X-Forwarded-For $remote_addr;
|
|
{% endif %}
|
|
proxy_set_header Host $http_host;
|
|
proxy_redirect off;
|
|
|
|
proxy_pass http://lms-backend;
|
|
}
|
|
|
|
location / {
|
|
try_files $uri @proxy_to_lms_app;
|
|
}
|
|
|
|
# /login?next=<any image> can be used by 3rd party sites in <img> tags to
|
|
# determine whether a user on their site is logged into edX.
|
|
# The most common image to use is favicon.ico.
|
|
location /login {
|
|
if ( $arg_next ~* "favicon.ico" ) {
|
|
return 403;
|
|
}
|
|
try_files $uri @proxy_to_lms_app;
|
|
}
|
|
|
|
# Need a separate location for the image uploads endpoint to limit upload sizes
|
|
location ~ ^/api/profile_images/[^/]*/[^/]*/upload$ {
|
|
try_files $uri @proxy_to_lms_app;
|
|
client_max_body_size 1049576;
|
|
}
|
|
|
|
location ~ ^/media/(?P<file>.*) {
|
|
root /var/www/openedx-media;
|
|
try_files /$file =404;
|
|
expires 31536000s;
|
|
}
|
|
|
|
location ~ ^/static/(?P<file>.*) {
|
|
root /var/www/openedx;
|
|
try_files /staticfiles/$file /course_static/$file =404;
|
|
|
|
# return a 403 for static files that shouldn't be
|
|
# in the staticfiles directory
|
|
location ~ ^/static/(?:.*)(?:\.xml|\.json|README.TXT) {
|
|
return 403;
|
|
}
|
|
|
|
# Set django-pipelined files to maximum cache time
|
|
location ~ "/static/(?P<collected>.*\.[0-9a-f]{12}\..*)" {
|
|
expires max;
|
|
try_files /staticfiles/$collected /course_static/$collected =404;
|
|
}
|
|
location ~ "/static/(?P<collected>[0-9a-f]{7}/.*)" {
|
|
expires max;
|
|
try_files /staticfiles/$collected /course_static/$collected =404;
|
|
}
|
|
|
|
# Expire other static files immediately (there should be very few / none of these)
|
|
expires epoch;
|
|
}
|
|
}
|
|
{% endif %}
|