Spaces:
Running
Running
| # βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ | |
| # nginx configuration for Hugging Face Spaces (single-container deployment) | |
| # | |
| # Key differences from nginx/nginx.conf (multi-container docker-compose): | |
| # | |
| # 1. No `user` directive β nginx runs as the current user (uid 1000). | |
| # The `user` directive requires root; omitting it defaults to the process owner. | |
| # | |
| # 2. All temp/pid paths redirected to /tmp β /var/run is root-owned. | |
| # | |
| # 3. Frontend served as static files directly from /app/frontend/dist β | |
| # no upstream `frontend` container exists in the single-container layout. | |
| # | |
| # 4. Upstream addresses are localhost (127.0.0.1) not container hostnames. | |
| # | |
| # 5. Port 7860 β required by HF Spaces (set in huggingface/README.md). | |
| # | |
| # Bug fix applied: | |
| # [Bug8] Added explicit `log_format gateway` with a [nginx] prefix so that | |
| # nginx access log lines are distinguishable from litellm/backend logs | |
| # when all three processes write to the same Docker log stream via | |
| # supervisord stdout/stderr forwarding. | |
| # βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ | |
| # No `user` directive β process runs as uid 1000 (set in Dockerfile USER) | |
| worker_processes auto; | |
| error_log /dev/stderr warn; | |
| pid /tmp/nginx.pid; | |
| events { | |
| worker_connections 1024; | |
| multi_accept on; | |
| } | |
| http { | |
| include /etc/nginx/mime.types; | |
| default_type application/octet-stream; | |
| # ββ Writable temp dirs for non-root nginx ββββββββββββββββββββββββββββββ | |
| client_body_temp_path /tmp/nginx/client_body; | |
| proxy_temp_path /tmp/nginx/proxy; | |
| fastcgi_temp_path /tmp/nginx/fastcgi; | |
| uwsgi_temp_path /tmp/nginx/uwsgi; | |
| scgi_temp_path /tmp/nginx/scgi; | |
| # FIX [Bug8]: Named log format with [nginx] prefix so nginx access lines | |
| # are distinguishable from litellm / backend lines in the merged Docker log | |
| # stream produced by supervisord's stdout forwarding. | |
| log_format gateway '[nginx] $remote_addr - "$request" $status $body_bytes_sent ' | |
| '"$http_referer" "$http_user_agent" ${request_time}s'; | |
| access_log /dev/stdout gateway; | |
| sendfile on; | |
| tcp_nopush on; | |
| tcp_nodelay on; | |
| keepalive_timeout 65; | |
| gzip on; | |
| gzip_vary on; | |
| gzip_proxied any; | |
| gzip_comp_level 6; | |
| gzip_types | |
| text/plain text/css text/xml text/javascript | |
| application/json application/javascript application/xml+rss | |
| application/atom+xml image/svg+xml; | |
| server { | |
| listen 7860; | |
| server_name _; | |
| client_max_body_size 100M; | |
| proxy_read_timeout 300s; | |
| proxy_connect_timeout 10s; | |
| proxy_send_timeout 300s; | |
| # ββ LiteLLM OpenAI-compatible gateway βββββββββββββββββββββββββββββ | |
| location /v1/ { | |
| proxy_pass http://127.0.0.1:4000; | |
| proxy_http_version 1.1; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Forwarded-Proto $scheme; | |
| proxy_set_header Connection ""; | |
| # SSE / streaming β must disable buffering end-to-end | |
| proxy_buffering off; | |
| proxy_cache off; | |
| chunked_transfer_encoding on; | |
| proxy_read_timeout 300s; | |
| } | |
| # ββ Backend management API βββββββββββββββββββββββββββββββββββββββββ | |
| location /api/ { | |
| proxy_pass http://127.0.0.1:3001; | |
| proxy_http_version 1.1; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Forwarded-Proto $scheme; | |
| proxy_set_header Connection ""; | |
| } | |
| # ββ Frontend SPA (served directly β no upstream container) ββββββββ | |
| # Vite build outputs to /app/frontend/dist. | |
| # try_files handles client-side routing (React Router / direct URLs). | |
| location / { | |
| root /app/frontend/dist; | |
| index index.html; | |
| try_files $uri $uri/ /index.html; | |
| # Short cache for HTML entry point (users always get fresh shell) | |
| location = /index.html { | |
| add_header Cache-Control "no-cache, must-revalidate"; | |
| expires 0; | |
| } | |
| } | |
| # ββ Vite content-hashed assets (cache aggressively) βββββββββββββββ | |
| location /assets/ { | |
| root /app/frontend/dist; | |
| expires 1y; | |
| add_header Cache-Control "public, immutable"; | |
| } | |
| } | |
| } |