Remove unused webserver configuration

And update nginx configuration with a rate limit
This commit is contained in:
Chocobozzz 2018-01-11 10:45:06 +01:00
parent 60650c77c8
commit 85cd9bde5a
No known key found for this signature in database
GPG Key ID: 583A612D890159BE
3 changed files with 5 additions and 79 deletions

View File

@ -1,26 +0,0 @@
<VirtualHost *:80>
ServerName peertube.example.org
CustomLog /var/log/apache2/peertube/peertube-access.log combined
ErrorLog /var/log/apache2/peertube/peertube-error.log
ProxyRequests Off
ProxyPreserveHost On
Timeout 900
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token, range"
Header set Access-Control-Allow-Methods "POST, GET, OPTIONS"
ProxyPass /tracker/socket "ws://localhost:9000/tracker/socket"
ProxyPassReverse /tracker/socket "ws://localhost:9000/tracker/socket"
ProxyPass / http://localhost:9000/
ProxyPassReverse / http://localhost:9000/
ProxyTimeout 1200
</VirtualHost>

View File

@ -1,51 +0,0 @@
server {
listen 80;
server_name domain.tld;
location / {
proxy_pass http://localhost:9000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# For the video upload
client_max_body_size 2G;
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
# Bypass PeerTube webseed route for better performances
location /static/webseed {
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
if ($request_method = 'GET') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}
alias /your/installation/PeerTube/videos;
}
# Websocket tracker
location /tracker/socket {
# Peers send a message to the tracker every 15 minutes
# Don't close the websocket before this time
proxy_read_timeout 1200s;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://localhost:9000;
}
}

View File

@ -6,8 +6,8 @@ server {
}
server {
listen 443 ssl http2; # spdy is deprecated on nginx
# listen [::]:443 ssl spdy;
listen 443 ssl http2;
# listen [::]:443 ssl http2;
server_name domain.tld;
# For example with Let's Encrypt
@ -30,6 +30,9 @@ server {
# Bypass PeerTube webseed route for better performances
location /static/webseed {
# Clients usually have 4 simultaneous webseed connections, so the real limit is 3MB/s per client
limit_rate 800k;
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';