Files
@ e58a1891d554
Branch filter:
Location: symposion_app/deploy/nginx.conf - annotation
e58a1891d554
1.8 KiB
text/x-nginx-conf
Add migration for profile change, update CONFERENCE_ID for 2024
0c3e579b8d36 0c3e579b8d36 33305d27ac85 0c3e579b8d36 0c3e579b8d36 83356e5ac6f2 83356e5ac6f2 83356e5ac6f2 83356e5ac6f2 83356e5ac6f2 0c3e579b8d36 0c3e579b8d36 83356e5ac6f2 0c3e579b8d36 0c3e579b8d36 0c3e579b8d36 83356e5ac6f2 83356e5ac6f2 0c3e579b8d36 0c3e579b8d36 0c3e579b8d36 0c3e579b8d36 0c3e579b8d36 0c3e579b8d36 0c3e579b8d36 0c3e579b8d36 5d2cff674dd4 0c3e579b8d36 1d0d5e1d102d 0c3e579b8d36 dd23015270d2 0c3e579b8d36 0c3e579b8d36 0c3e579b8d36 0c3e579b8d36 0c3e579b8d36 0c3e579b8d36 0c3e579b8d36 0c3e579b8d36 0c3e579b8d36 c56b15f279d1 0c3e579b8d36 c56b15f279d1 0c3e579b8d36 0c3e579b8d36 0c3e579b8d36 0c3e579b8d36 0c3e579b8d36 0c3e579b8d36 0c3e579b8d36 0c3e579b8d36 | upstream {{ site_name }}_django_wsgi {
keepalive 2; # Cache 2 connections.
server unix:/tmp/{{ site_name }}_uwsgi.sock;
}
server {
listen 80;
server_name {{ env.domain }};
return 301 https://{{ env.domain }}$request_uri;
}
server {
listen 443 ssl http2;
server_name {{ env.domain }};
client_max_body_size 50M;
ssl_certificate /etc/letsencrypt/live/{{ env.domain }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ env.domain }}/privkey.pem;
# Ask for HTTPS for 180 days.
add_header Strict-Transport-Security "max-age=15552000; includeSubDomains";
# Advise browsers not to use content type sniffing to reduce chance of XSS attacks.
add_header X-Content-Type-Options nosniff;
# Advise browser to only load external content from these sites.
add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://code.jquery.com/jquery-3.5.1.min.js https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js https://js.stripe.com/v3/ https://r.stripe.com/0";
location / {
# Django web application including static files (via WhiteNoise).
uwsgi_pass symposion_django_wsgi;
include uwsgi_params;
# Disable gzip compression when where traffic might be over SSL
# to avoid an attack that may compromise Django's CSRF
# protection. See:
# https://www.djangoproject.com/weblog/2013/aug/06/breach-and-django/
gzip off;
}
location /site_media/ {
# User-uploaded files and generated reports.
alias {{ project_dir }}/pinaxcon/site_media/;
expires 1y;
}
location /.well-known/ {
# Used for "acmi-challenge".
alias {{ project_dir }}/htdocs/.well-known/;
}
}
|