github.com/ddev/ddev@v1.23.2-0.20240519125000-d824ffe36ff3/pkg/ddevapp/webserver_config_assets/nginx-site-django4.conf (about) 1 # ddev Django nginx config 2 #ddev-generated 3 # If you want to take over this file and customize it, remove the line above 4 # and ddev will respect it and won't overwrite the file. 5 # See https://ddev.readthedocs.io/en/stable/users/extend/customization-extendibility/#custom-nginx-configuration 6 7 server { 8 listen 80 default_server; 9 listen 443 ssl default_server; 10 11 client_max_body_size 4G; 12 13 # Path for static files 14 root /var/www/html/mysite; 15 16 ssl_certificate /etc/ssl/certs/master.crt; 17 ssl_certificate_key /etc/ssl/certs/master.key; 18 19 include /etc/nginx/monitoring.conf; 20 21 keepalive_timeout 5; 22 23 location / { 24 # checks for static file, if not found proxy to app 25 try_files $uri @proxy_to_app; 26 } 27 28 location @proxy_to_app { 29 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 30 # X-Forwarded-Proto doesn't seem to work in reverse-proxied gunicorn 31 # See https://github.com/benoitc/gunicorn/issues/1857#issuecomment-1134699466 32 # proxy_set_header X-Forwarded-Proto $scheme; 33 proxy_set_header Host $http_host; 34 # we don't want nginx trying to do something clever with 35 # redirects, we set the Host: header above already. 36 proxy_redirect off; 37 proxy_pass http://localhost:8000; 38 } 39 40 # error_page 500 502 503 504 /500.html; 41 # location = /500.html { 42 # root /var/www/html/mysite; 43 # } 44 45 # Prevent clients from accessing hidden files (starting with a dot) 46 # This is particularly important if you store .htpasswd files in the site hierarchy 47 # Access to `/.well-known/` is allowed. 48 # https://www.mnot.net/blog/2010/04/07/well-known 49 # https://tools.ietf.org/html/rfc5785 50 location ~* /\.(?!well-known\/) { 51 deny all; 52 } 53 54 # Prevent clients from accessing to backup/config/source files 55 location ~* (?:\.(?:bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$ { 56 deny all; 57 } 58 59 include /etc/nginx/common.d/*.conf; 60 include /mnt/ddev_config/nginx/*.conf; 61 }