port-nimara-client-portal/nginx/client.portnimara.dev.conf

# Include upstream configuration
include /etc/nginx/conf.d/upstream.conf;
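server {
    # Plain-HTTP listener for client.portnimara.dev: serves ACME HTTP-01
    # challenge files and redirects everything else to HTTPS.
    listen 80;
    server_name client.portnimara.dev;
    client_max_body_size 64M;

    # Challenge files are served directly over HTTP. No server-level
    # `if (...) { return 301 ...; }` is used: it would run in the rewrite
    # phase, before location matching, and make this location unreachable
    # for the site's own hostname.
    location ^~ /.well-known/acme-challenge/ {
        alias /var/www/html/.well-known/acme-challenge/;
        default_type "text/plain";
        allow all;
    }

    # Redirect to the fixed canonical hostname rather than $host. $host is
    # taken from the request, so if this block ever acts as the default
    # server for port 80, a request with an arbitrary Host header would be
    # redirected to that attacker-chosen name.
    location / {
        return 301 https://client.portnimara.dev$request_uri;
    }
}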
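server {
    # HTTPS virtual host for client.portnimara.dev. Terminates TLS and
    # reverse-proxies to the `port_nimara_backend` upstream (presumably
    # defined in the included upstream.conf; not visible in this file).
    client_max_body_size 64M;

    # Upstream timeouts (server-wide defaults; individual locations override).
    proxy_connect_timeout 300s;
    proxy_send_timeout 300s;
    proxy_read_timeout 300s;
    send_timeout 300s;

    # Client timeout settings.
    # NOTE(review): these control how long a slow client may hold a
    # connection while sending headers/body. They do not affect upstream
    # 502s, and 300s is well above the nginx default of 60s, which makes
    # slow-request connection exhaustion cheaper. Confirm the long values
    # are actually needed (large uploads may justify client_body_timeout;
    # client_header_timeout rarely needs raising).
    client_body_timeout 300s;
    client_header_timeout 300s;

    # Buffer settings to handle larger upstream responses.
    proxy_buffer_size 128k;
    proxy_buffers 4 256k;
    proxy_busy_buffers_size 256k;
    proxy_temp_file_write_size 256k;

    # Keepalive settings.
    keepalive_timeout 65;
    keepalive_requests 100;

    listen 443 ssl http2;
    server_name client.portnimara.dev;

    ssl_certificate /etc/letsencrypt/live/client.portnimara.dev/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/client.portnimara.dev/privkey.pem; # managed by Certbot
    # NOTE(review): no ssl_protocols / ssl_ciphers / HSTS directives are
    # visible in this block. Confirm they are inherited from the http
    # context (e.g. Certbot's options-ssl-nginx.conf include); otherwise the
    # nginx build defaults apply.

    # Client address handling: every location below forwards $remote_addr as
    # X-Real-IP. If this host sits behind a CDN or other proxy, restore the
    # real client address with the realip module, restricted to that proxy's
    # published ranges, instead of copying a request header:
    #   set_real_ip_from <TRUSTED_PROXY_CIDR>;   # placeholder, one per range
    #   real_ip_header   CF-Connecting-IP;
    # X-Forwarded-For is built with $proxy_add_x_forwarded_for, which appends
    # $remote_addr to whatever the client sent. The backend should trust only
    # the rightmost entry.

    # Static error page shown when the upstream is unavailable.
    error_page 502 503 504 /error-502.html;
    location = /error-502.html {
        root /etc/nginx/error-pages;
        internal;   # reachable only via error_page, never by direct request
    }

    # Health check endpoint. It is still proxied to the upstream, but with
    # short timeouts and no retry so monitoring sees failures quickly.
    location = /api/health {
        proxy_pass http://port_nimara_backend;
        proxy_http_version 1.1;
        proxy_set_header Connection "";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # Short timeout for health checks
        proxy_connect_timeout 5s;
        proxy_send_timeout 5s;
        proxy_read_timeout 5s;

        # Don't retry health checks
        proxy_next_upstream off;
    }

    # Default route: application pages and anything not matched below.
    location / {
        proxy_pass http://port_nimara_backend;
        proxy_http_version 1.1;

        # Headers
        proxy_set_header Host $host;
        # X-Real-IP is set once, from the TCP peer address. A second
        # `proxy_set_header X-Real-IP $http_cf_connecting_ip;` was removed.
        # CF-Connecting-IP is a request header that any client reaching this
        # server directly can set, and the extra directive sent the backend
        # two conflicting X-Real-IP values.
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        # WebSocket upgrade support. `Connection "upgrade"` is sent on every
        # request, not only on upgrade requests.
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

        # Disable buffering for real-time responses
        proxy_request_buffering off;
        proxy_buffering off;

        # Apply timeout settings
        proxy_connect_timeout 300s;
        proxy_send_timeout 300s;
        proxy_read_timeout 300s;

        # Retry logic for better resilience
        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
        proxy_next_upstream_tries 3;
        proxy_next_upstream_timeout 10s;

        # Add custom header to track retries.
        # NOTE(review): this exposes upstream status codes (one per attempt)
        # to every client. Confirm that is intended outside debugging.
        add_header X-Upstream-Status $upstream_status always;
    }

    # General API routes. The regex locations below take precedence over this
    # prefix for the paths they match.
    location /api/ {
        proxy_pass http://port_nimara_backend;
        proxy_http_version 1.1;

        # Headers
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # Extended timeouts for API routes (webhooks, IMAP operations)
        proxy_connect_timeout 600s;
        proxy_send_timeout 600s;
        proxy_read_timeout 600s;

        # Disable buffering for API responses
        proxy_request_buffering off;
        proxy_buffering off;

        # Retry logic
        proxy_next_upstream error timeout http_502 http_503;
        proxy_next_upstream_tries 2;
        proxy_next_upstream_timeout 30s;
    }

    # Special handling for long-running email operations.
    # The pattern is not end-anchored, so any path beginning with one of
    # these prefixes is handled here.
    location ~ ^/api/email/(send|fetch-thread|test-connection) {
        proxy_pass http://port_nimara_backend;
        proxy_http_version 1.1;

        # Headers
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # Extra long timeouts for email operations
        proxy_connect_timeout 900s;
        proxy_send_timeout 900s;
        proxy_read_timeout 900s;

        # Disable buffering
        proxy_request_buffering off;
        proxy_buffering off;

        # No retry for email operations (to avoid duplicates)
        proxy_next_upstream off;
    }

    # Special handling for Documenso operations
    location ~ ^/api/(email/generate-eoi-document|eoi/) {
        proxy_pass http://port_nimara_backend;
        proxy_http_version 1.1;

        # Headers
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # Extended timeouts for document operations
        proxy_connect_timeout 300s;
        proxy_send_timeout 300s;
        proxy_read_timeout 300s;

        # Enable buffering for large responses
        proxy_buffering on;
        proxy_buffer_size 128k;
        proxy_buffers 8 256k;

        # Retry logic for Documenso
        proxy_next_upstream error timeout http_502 http_503;
        proxy_next_upstream_tries 3;
        proxy_next_upstream_timeout 20s;
    }

    # ACME HTTP-01 challenge files. `^~` stops regex matching, and the
    # trailing slash on both the location and the alias keeps the mapping
    # confined to the challenge directory.
    location ^~ /.well-known/acme-challenge/ {
        alias /var/www/html/.well-known/acme-challenge/;
        default_type "text/plain";
        allow all;
    }
}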