]> git.somenet.org - root/pub/somesible.git/blob - roles/service/mattermost/vars/default/vars_nginx_vhost_custom.yml
roles/service/nextcloud/defaults
[root/pub/somesible.git] / roles / service / mattermost / vars / default / vars_nginx_vhost_custom.yml
1 #####################################
2 ### someone"s ansible provisioner ###
3 #####################################
4 # Part of: https://git.somenet.org/root/pub/somesible.git
5 # 2017-2024 by someone <someone@somenet.org>
6 #
7 ---
8 vhost_custom_pre_server: |-
9     upstream backend {
10         server localhost:8065;
11         keepalive 32;
12     }
13
14 vhost_custom: |-
15     # MM-Hack: https://.../@user -> redirect to "default"-team and @user message
16     #location ~ ^/@(.*)$ { return 301 /somenet/messages/$request_uri; }
17
18
19     # websocket
20     location ~ ^/api/v[0-9]+/(users/)?websocket$ {
21         gzip on;
22         gzip_types "*";
23         gzip_proxied any;
24         gzip_comp_level 5;
25         proxy_set_header Accept-Encoding "";
26
27         proxy_set_header Upgrade $http_upgrade;
28         proxy_set_header Connection "upgrade";
29         proxy_set_header Host $http_host;
30         proxy_set_header X-Real-IP $remote_addr;
31         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
32         proxy_set_header X-Forwarded-Proto $scheme;
33         proxy_set_header X-Frame-Options SAMEORIGIN;
34         proxy_connect_timeout 90;
35         proxy_send_timeout 300;
36         proxy_read_timeout 90s;
37         proxy_http_version 1.1;
38         proxy_buffers 256 16k;
39         proxy_buffer_size 16k;
40         client_max_body_size 50M;
41         client_body_timeout 60;
42         send_timeout 300;
43         lingering_timeout 5;
44         proxy_pass http://backend;
45     }
46
47
48     # api
49     location ~ /api/ {
50         if (-f /var/www/maintenance.html) {
51             return 503;
52         }
53
54         gzip on;
55         gzip_types "*";
56         gzip_proxied any;
57         gzip_comp_level 5;
58         proxy_set_header Accept-Encoding "";
59
60         proxy_set_header Connection "";
61         proxy_set_header Host $http_host;
62         proxy_set_header X-Real-IP $remote_addr;
63         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
64         proxy_set_header X-Forwarded-Proto $scheme;
65         proxy_set_header X-Frame-Options SAMEORIGIN;
66         proxy_read_timeout 600s;
67         proxy_buffers 256 16k;
68         proxy_buffer_size 16k;
69         client_max_body_size 1024M;
70         proxy_http_version 1.1;
71         proxy_pass http://backend;
72     }
73
74
75     # static files + everything else
76     location / {
77         if (-f /var/www/maintenance.html) {
78             return 503;
79         }
80
81         gzip on;
82         gzip_types "*";
83         gzip_proxied any;
84         gzip_comp_level 5;
85         proxy_set_header Accept-Encoding "";
86
87         proxy_set_header Connection "";
88         proxy_set_header Host $http_host;
89         proxy_set_header X-Real-IP $remote_addr;
90         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
91         proxy_set_header X-Forwarded-Proto $scheme;
92         proxy_set_header X-Frame-Options SAMEORIGIN;
93         proxy_read_timeout 600s;
94         proxy_buffers 256 16k;
95         proxy_buffer_size 16k;
96         client_max_body_size 1024M;
97         proxy_http_version 1.1;
98         proxy_pass http://backend;
99
100         # <MM-Hack: make mm google-indexable (at least some pages)>
101         sub_filter '<meta name="robots" content="noindex, nofollow">' '<meta name="robots" content="index, follow">';
102         sub_filter '<title>Mattermost</title>' '<title>SomeNet Mattermost Chat</title>';
103         sub_filter_last_modified on;
104         sub_filter_once off;
105         #sub_filter_types text/html;
106         # </MM-Hack: make mm google-indexable (at least some pages)>
107     }