pid /django/nginx.pid; daemon off; error_log /dev/stderr warn; events {} http { include /etc/nginx/mime.types; client_body_temp_path /tmp/nginx; proxy_temp_path /tmp/nginx; gzip on; gzip_vary on; gzip_min_length 100; gzip_types *; upstream django { server unix:///django/sock fail_timeout=0; } server { include /maybe_ssl.conf; access_log /dev/stdout; root /django_static; charset utf-8; # location = /django_auth { # internal; # proxy_pass http://django/auth/is_authorized/; # proxy_pass_request_body off; # proxy_set_header Content-Length ""; # proxy_set_header Host ${DOLLAR}http_host; # proxy_set_header X-Original-URI ${DOLLAR}request_uri; # proxy_set_header X-Forwarded-For ${DOLLAR}proxy_add_x_forwarded_for; # proxy_set_header X-Forwarded-Proto ${DOLLAR}http_x_forwarded_proto; # } location /frontend/ { # auth_request /django_auth; alias /vue/dist/; } location /static { alias /django_static; } keepalive_timeout 5; location / { client_max_body_size 10M; proxy_pass http://django; proxy_redirect off; proxy_set_header X-Forwarded-For ${DOLLAR}proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto ${DOLLAR}http_x_forwarded_proto; proxy_set_header Host ${DOLLAR}http_host; } location /ws/ { # we don't want nginx trying to do something clever with # redirects, we set the Host: header above already. proxy_pass http://django/ws/; proxy_http_version 1.1; proxy_set_header Upgrade ${DOLLAR}http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header X-Forwarded-For ${DOLLAR}proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto ${DOLLAR}http_x_forwarded_proto; proxy_set_header Host ${DOLLAR}http_host; proxy_read_timeout 3600s; } location /${MEDIA_URL} { # auth_request /django_auth; # error_page 403 = @error403; alias ${MEDIA_ROOT}; } location @error403 { absolute_redirect off; return 302 /; } } }