mirror of
https://github.com/ChristianLight/tutor.git
synced 2025-01-23 21:48:24 +00:00
04a0fb5902
Template files are now directly loaded in the configurator container, so that it is possible to run the configurator container directly, outside of this project.
101 lines
3.0 KiB
Plaintext
101 lines
3.0 KiB
Plaintext
{% if ACTIVATE_HTTPS %}
|
|
server {
|
|
server_name {{ LMS_HOST }} preview.{{ LMS_HOST }};
|
|
listen 80;
|
|
return 301 https://$server_name$request_uri;
|
|
}
|
|
{% endif %}
|
|
|
|
server {
|
|
listen {{ "443 ssl" if ACTIVATE_HTTPS else "80" }};
|
|
server_name localhost {{ LMS_HOST }} preview.{{ LMS_HOST }};
|
|
|
|
{% if ACTIVATE_HTTPS %}
|
|
ssl_certificate /etc/letsencrypt/live/{{ LMS_HOST }}/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/{{ LMS_HOST }}/privkey.pem;
|
|
{% endif %}
|
|
|
|
# Prevent invalid display courseware in IE 10+ with high privacy settings
|
|
add_header P3P 'CP="Open edX does not have a P3P policy."';
|
|
|
|
# Nginx does not support nested condition or or conditions so
|
|
# there is an unfortunate mix of conditonals here.
|
|
|
|
client_max_body_size 4M;
|
|
|
|
rewrite ^(.*)/favicon.ico$ /static/images/favicon.ico last;
|
|
|
|
# Disables server version feedback on pages and in headers
|
|
server_tokens off;
|
|
|
|
location @proxy_to_lms_app {
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Forwarded-Port $server_port;
|
|
proxy_set_header X-Forwarded-For $remote_addr;
|
|
proxy_set_header Host $http_host;
|
|
proxy_redirect off;
|
|
|
|
# Docker resolver
|
|
resolver 127.0.0.11 valid=10s;
|
|
set $upstream lms;
|
|
proxy_pass http://$upstream:8000;
|
|
}
|
|
|
|
location / {
|
|
try_files $uri @proxy_to_lms_app;
|
|
}
|
|
|
|
# /login?next=<any image> can be used by 3rd party sites in <img> tags to
|
|
# determine whether a user on their site is logged into edX.
|
|
# The most common image to use is favicon.ico.
|
|
location /login {
|
|
if ( $arg_next ~* "favicon.ico" ) {
|
|
return 403;
|
|
}
|
|
try_files $uri @proxy_to_lms_app;
|
|
}
|
|
|
|
# Need a separate location for the image uploads endpoint to limit upload sizes
|
|
location ~ ^/api/profile_images/[^/]*/[^/]*/upload$ {
|
|
try_files $uri @proxy_to_lms_app;
|
|
client_max_body_size 1049576;
|
|
}
|
|
|
|
location ~ ^/media/(?P<file>.*) {
|
|
root /openedx/data/lms/uploads;
|
|
try_files /$file =404;
|
|
expires 31536000s;
|
|
}
|
|
|
|
location ~ ^/static/(?P<file>.*) {
|
|
root /openedx/data/lms;
|
|
try_files /staticfiles/$file /course_static/$file =404;
|
|
|
|
# return a 403 for static files that shouldn't be
|
|
# in the staticfiles directory
|
|
location ~ ^/static/(?:.*)(?:\.xml|\.json|README.TXT) {
|
|
return 403;
|
|
}
|
|
|
|
# Set django-pipelined files to maximum cache time
|
|
location ~ "/static/(?P<collected>.*\.[0-9a-f]{12}\..*)" {
|
|
expires max;
|
|
# Without this try_files, files that have been run through
|
|
# django-pipeline return 404s
|
|
try_files /staticfiles/$collected /course_static/$collected =404;
|
|
}
|
|
|
|
# Set django-pipelined files for studio to maximum cache time
|
|
location ~ "/static/(?P<collected>[0-9a-f]{7}/.*)" {
|
|
expires max;
|
|
|
|
# Without this try_files, files that have been run through
|
|
# django-pipeline return 404s
|
|
try_files /staticfiles/$collected /course_static/$collected =404;
|
|
}
|
|
|
|
# Expire other static files immediately (there should be very few / none of these)
|
|
expires epoch;
|
|
}
|
|
}
|