patron
/
Hetzner


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125
							#user  nobody;
worker_processes 2; 
pcre_jit on ;
timer_resolution 500ms;

# This default error log path is compiled-in to make sure configuration parsing
# errors are logged somewhere, especially during unattended boot when stderr
# isn't normally logged anywhere. This path will be touched on every nginx
# start regardless of error log location configured here. See
# https://trac.nginx.org/nginx/ticket/147 for more info. 
#
#error_log  /var/log/nginx/error.log;
#

#pid        logs/nginx.pid;


events {
	worker_connections  1024;
	use kqueue;
}


http {
	include       mime.types;
	default_type  application/octet-stream;

	sendfile        on;

	keepalive_timeout  65;

	tcp_nopush     on;
	aio            on;

	gzip  on;
	gzip_comp_level 6;
	gzip_min_length  1100;
	gzip_buffers     16 8k;
	gzip_types       text/plain
		text/css
		text/javascript
		text/xml
		text/x-component
		application/javascript
		application/x-javascript
		application/json
		application/xml
		application/rss+xml
		application/atom+xml
		font/truetype
		font/opentype
		application/vnd.ms-fontobject
		image/svg+xml;
	gzip_proxied any;
	output_buffers   1 32k;
	postpone_output  1460;
	types {
		text/plain                            log;
	}

	ssl_dhparam /usr/local/etc/nginx/dhparam.pem;
	ssl_protocols TLSv1.2 TLSv1.3;
	ssl_ecdh_curve X25519:P-521:P-384:P-256;
	ssl_prefer_server_ciphers on;

	ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384";
	ssl_session_cache shared:SSL:10m;
	ssl_session_timeout 15m;
	ssl_session_tickets off;


	server {
		http2 on;
		listen 80 ; 
		listen [::]:80  ;
		server_name  poudriere.lapinbilly.eu ;

		#charset koi8-r;

		#access_log  logs/host.access.log  main;

		root         /usr/local/share/poudriere/html;

		# Allow caching static resources
		location ~* ^.+\.(jpg|jpeg|gif|png|ico|svg|woff|css|js|html)$ {
			add_header Cache-Control "public";
			expires 2d;
		}

		# redirect server error pages to the static page /50x.html
		#
		error_page   500 502 503 504  /50x.html;
		location = /50x.html {
			root   /usr/local/www/nginx-dist;
		}

		#access_log  logs/host.access.log  main;

		location /data {
			alias /usr/local/poudriere/data/logs/bulk;
			# Allow caching dynamic files but ensure they get rechecked
			location ~* ^.+\.(log|txz|tbz|bz2|gz)$ {
				add_header Cache-Control "public, must-revalidate, proxy-revalidate";
			}

			# Don't log json requests as they come in frequently and ensure
			# caching works as expected
			location ~* ^.+\.(json)$ {
				add_header Cache-Control "public, must-revalidate, proxy-revalidate";
				access_log off;
				log_not_found off;
			}

			# Allow indexing only in log dirs
			location ~ /data/?.*/(logs|latest-per-pkg)/ {
				autoindex on;
			}
			break;
		}
		location /packages {
	                        root /usr/local/poudriere/data;
	                        autoindex on;
		}
	}
}