cohd_api/nginx.conf at master · WengLab-InformaticsResearch/cohd_api · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
user  nginx;
worker_processes auto;
error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;
events {
    worker_connections 1024;
}
http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  /var/log/nginx/access.log  main;
    sendfile        on;
    keepalive_timeout  65;
    include /etc/nginx/conf.d/*.conf;

	##
	# Gzip Settings
	##
    gzip on;

	##
	# SSL Settings
	# Note: This currently must be set up manually for the COHD Docker container. See README for instructions.
	##
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
	ssl_prefer_server_ciphers on;
#    server {
#        listen 443 ssl default_server;
#
#        # server_name cohd.nsides.io cohd.chunhualab.org cohd.io www.cohd.io;
#        server_name cohd.io tr-kp-clinical.ncats.io;
#
#        # https
#        ssl_certificate /etc/letsencrypt/live/cohd.io/fullchain.pem;
#        ssl_certificate_key /etc/letsencrypt/live/cohd.io/privkey.pem;
#
#        location /api {
#            include uwsgi_params;
#            uwsgi_pass unix:///tmp/uwsgi.sock;
#            uwsgi_read_timeout 600;
#        }
#
#         location /health {
#             access_log off;  # Don't log health status checks
#             include uwsgi_params;
#             uwsgi_pass unix:///tmp/uwsgi.sock;
#             uwsgi_read_timeout 60;
#         }
#
#        location / {
#            root /app/cohd/site;
#            index index.html;
#            try_files $uri $uri/ =404;
#        }
#    }

    server {
        listen 80 default_server;
        server_name cohd.io tr-kp-clinical.ncats.io;

        # For certbot verification for HTTPS
        location ~ /.well-known {
            root /root/certbot;
        }

        location /api {
            include uwsgi_params;
            uwsgi_pass unix:///tmp/uwsgi.sock;
            uwsgi_read_timeout 600;
        }

        location /health {
            access_log off;  # Don't log health status checks
            error_log /dev/null;  # Also don't log errors on health status checks because of flooding
            include uwsgi_params;
            uwsgi_pass unix:///tmp/uwsgi.sock;
            uwsgi_read_timeout 60;
        }

        location / {
            root /app/cohd/site;
            index index.html;
            try_files $uri $uri/ =404;
        }
    }


}
daemon off;