Spaces:
Runtime error
Runtime error
| events { | |
| worker_connections 1024; | |
| } | |
| http { | |
| upstream chat_agent { | |
| server chat-agent:5000; | |
| } | |
| # Rate limiting | |
| limit_req_zone $binary_remote_addr zone=api:10m rate=10r/s; | |
| limit_req_zone $binary_remote_addr zone=websocket:10m rate=5r/s; | |
| server { | |
| listen 80; | |
| server_name localhost; | |
| # Security headers | |
| add_header X-Frame-Options DENY; | |
| add_header X-Content-Type-Options nosniff; | |
| add_header X-XSS-Protection "1; mode=block"; | |
| add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; | |
| # Gzip compression | |
| gzip on; | |
| gzip_vary on; | |
| gzip_min_length 1024; | |
| gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; | |
| # Static files | |
| location /static/ { | |
| alias /app/static/; | |
| expires 1y; | |
| add_header Cache-Control "public, immutable"; | |
| } | |
| # WebSocket connections | |
| location /socket.io/ { | |
| limit_req zone=websocket burst=10 nodelay; | |
| proxy_pass http://chat_agent; | |
| proxy_http_version 1.1; | |
| proxy_set_header Upgrade $http_upgrade; | |
| proxy_set_header Connection "upgrade"; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Forwarded-Proto $scheme; | |
| # WebSocket timeout settings | |
| proxy_read_timeout 86400; | |
| proxy_send_timeout 86400; | |
| } | |
| # API endpoints | |
| location /api/ { | |
| limit_req zone=api burst=20 nodelay; | |
| proxy_pass http://chat_agent; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Forwarded-Proto $scheme; | |
| } | |
| # Health check endpoint | |
| location /health { | |
| proxy_pass http://chat_agent; | |
| access_log off; | |
| } | |
| # Main application | |
| location / { | |
| proxy_pass http://chat_agent; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Forwarded-Proto $scheme; | |
| } | |
| } | |
| # HTTPS configuration (uncomment and configure for production) | |
| # server { | |
| # listen 443 ssl http2; | |
| # server_name your-domain.com; | |
| # | |
| # ssl_certificate /etc/nginx/ssl/cert.pem; | |
| # ssl_certificate_key /etc/nginx/ssl/key.pem; | |
| # ssl_protocols TLSv1.2 TLSv1.3; | |
| # ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384; | |
| # ssl_prefer_server_ciphers off; | |
| # | |
| # # Include the same location blocks as above | |
| # } | |
| } |