-
Notifications
You must be signed in to change notification settings - Fork 1.5k
/
nginx.conf
79 lines (75 loc) · 2.6 KB
/
nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/defectdojo/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
client_max_body_size 800m;
sendfile on;
keepalive_timeout 65;
upstream uwsgi_server {
include /run/defectdojo/uwsgi_server;
}
# Disable metrics auth for localhost (for nginx prometheus exporter)
geo $metrics_auth_bypass {
127.0.0.1/32 "off";
default "Metrics";
}
server {
server_tokens off;
listen 8080;
gzip on;
gzip_types application/atom+xml application/geo+json application/javascript application/x-javascript application/json application/ld+json application/manifest+json application/rdf+xml application/rss+xml application/xhtml+xml application/xml font/eot font/otf font/ttf image/svg+xml text/css text/javascript text/plain text/xml;
gzip_proxied any;
gzip_min_length 1000;
location = /50x.html {
root /usr/share/nginx/html;
}
location /static/ {
alias /usr/share/nginx/html/static/;
}
location / {
include /run/defectdojo/uwsgi_pass;
include /etc/nginx/wsgi_params;
uwsgi_read_timeout 1800;
}
location /django_metrics {
# do no edit the following lines, instead set the environment
# variables METRICS_HTTP_AUTH_USER and METRICS_HTTP_AUTH_PASSWORD
#auth_basic $metrics_auth_bypass;
#auth_basic_user_file /etc/nginx/.htpasswd;
include /run/defectdojo/uwsgi_pass;
include /etc/nginx/wsgi_params;
uwsgi_read_timeout 1800;
}
location /nginx_status {
# do no edit the following lines, instead set the environment
# variables METRICS_HTTP_AUTH_USER and METRICS_HTTP_AUTH_PASSWORD
#auth_basic $metrics_auth_bypass;
#auth_basic_user_file /etc/nginx/.htpasswd;
#stub_status on;
access_log off;
}
# Used by Kubernetes liveness checks
location = /nginx_health {
return 200 "Born to be alive!\n";
access_log off;
}
# Used by Kubernetes readiness checks
location = /uwsgi_health {
limit_except GET { deny all; }
rewrite /.+ /login?force_login_form&next=/ break;
include /run/defectdojo/uwsgi_pass;
include /etc/nginx/wsgi_params;
access_log off;
}
error_page 500 502 503 504 /50x.html;
}
}