nginx.conf

4/27/2018 - 6:43 PM
# define resource usage
worker_processes     2;
worker_cpu_affinity  01 10; # select what cores each worker runs on
worker_priority      20;
worker_rlimit_nofile 8192;

thread_pool twerkers threads=8; # minimized thread pool (feel free to tweak)
timer_resolution 100ms;         # rate limit the gettimeofday system calls

# define logging paths
error_log  /etc/nginx/error.log;
pid        /etc/nginx/nginx.pid;

# define max connections allowed
events {
  worker_connections 1024;
}

http {
  aio threads=twerkers; # allow async i/o

  upstream gitlab_tunnel {
    server 172.16.10.2:80;
  }
  upstream dex_tunnel {
    least_conn;
    server 172.16.10.3:5556;
    server 172.16.10.4:5556;
  }
  upstream jupyter_tunnel {
    server 172.16.10.7:80;
  }

  proxy_redirect off;
  proxy_pass_request_body on;
  proxy_set_header Content-Length "";
  proxy_set_header X-Original-URI $request_uri;
  proxy_set_header Host $http_host;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header X-Forwarded-Proto $scheme;

  ssl_certificate     /etc/nginx/baltimorepython.com.rsa.crt;
  ssl_certificate_key /etc/nginx/baltimorepython.com.rsa.key;

  # redirect http requests to https
  server {
    listen 80;
    server_name baltimorepython.com *.baltimorepython.com;
    return 301 https://$server_name$request_uri;
  }

  server { # reverse proxy for gitlab
    listen 443 ssl;
    server_name gitlab.baltimorepython.com;
    location / {
      proxy_pass http://gitlab_tunnel;
    }
  }
  server { # reverse proxy for dex
    listen 443 ssl;
    server_name dex.baltimorepython.com;
    location / {
      proxy_pass http://dex_tunnel;
    }
  }
  server { # reverse proxy for jupyter
    listen 443 ssl;
    server_name jupyter.baltimorepython.com;
    location / {
      proxy_pass http://jupyter_tunnel;
    }
  }

  server {
    listen 443 ssl;
    server_name baltimorepython.com;

    # redirect baltimorepython.com/gitlab -> gitlab.baltimorepython.com
    location /gitlab/ {
      return 301 https://gitlab.baltimorepython.com$request_uri;
    }
    # redirect baltimorepython.com/dex -> dex.baltimorepython.com
    location /dex/ {
      return 301 https://dex.baltimorepython.com$request_uri;
    }
    # redirect baltimorepython.com/jupyter -> jupyter.baltimorepython.com
    location /jupyter/ {
      return 301 https://jupiter.baltimorepython.com$request_uri;
    }

  }
}
Cacher is the code snippet organizer for pro developers

We empower you and your team to get more done, faster

nginx.conf
