pdf-tei-editor / docs /development /nginx-dev.conf
cmboulanger's picture
disaster-recovery deploy of pdf-tei-editor
6a49f21 verified
Raw
History Blame Contribute Delete
2.89 kB
# PDF TEI Editor demo configuration for pdf-tei-editor.example.com
server {
server_name pdf-tei-editor.example.com;
# API endpoints - must not be cached by nginx (fixes #114)
# This location must come BEFORE the general location / block
location /api/ {
proxy_pass http://127.0.0.1:8010;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
# Disable nginx caching - respect backend Cache-Control headers
proxy_cache off;
proxy_buffering off;
proxy_no_cache 1;
proxy_cache_bypass 1;
# Ensure Cache-Control headers from backend are passed through
proxy_pass_header Cache-Control;
proxy_pass_header Pragma;
proxy_pass_header Expires;
# Reinforce cache headers at proxy level
add_header Cache-Control "no-cache, no-store, must-revalidate" always;
add_header Pragma "no-cache" always;
add_header Expires "0" always;
}
# Special handling for Server-Sent Events
location /sse/ {
proxy_pass http://127.0.0.1:8010;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_buffering off;
proxy_cache off;
proxy_read_timeout 300;
proxy_connect_timeout 75;
}
# General proxy for all other requests
location / {
proxy_pass http://127.0.0.1:8010;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_redirect off;
}
# Allow uploads up to 100MB (adjust as needed)
client_max_body_size 100M;
# increase timeouts for large uploads
proxy_read_timeout 300s;
proxy_connect_timeout 300s;
proxy_send_timeout 300s;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/pdf-tei-editor.example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/pdf-tei-editor.example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = pdf-tei-editor.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name pdf-tei-editor.example.com;
listen 80;
return 404; # managed by Certbot
}