You've already forked pypi-proxy
144 lines
4.3 KiB
Nginx Configuration File
144 lines
4.3 KiB
Nginx Configuration File
user www-data;
|
|
worker_processes 4;
|
|
|
|
error_log /dev/stderr;
|
|
pid /var/run/nginx.pid;
|
|
|
|
|
|
events {
|
|
worker_connections 1024;
|
|
}
|
|
|
|
http {
|
|
include /etc/nginx/mime.types;
|
|
log_format 2 '$http_x_forwarded_for - $remote_user [$time_local] '
|
|
'"$request" $status $body_bytes_sent $upstream_cache_status "$http_referer" '
|
|
'"$http_user_agent"' ;
|
|
|
|
log_format kv 'site="$server_name" server="$host" dest_port="$server_port" dest_ip="$server_addr" '
|
|
'src="$remote_addr" src_ip="$realip_remote_addr" user="$remote_user" '
|
|
'time_local="$time_local" protocol="$server_protocol" status="$status" '
|
|
'cache_status="$upstream_cache_status" bytes_out="$bytes_sent" bytes_in="$upstream_bytes_received" '
|
|
'http_referer="$http_referer" http_user_agent="$http_user_agent" '
|
|
'nginx_version="$nginx_version" http_x_forwarded_for="$http_x_forwarded_for" '
|
|
'http_x_header="$http_x_header" uri_query="$query_string" uri_path="$uri" '
|
|
'http_method="$request_method" response_time="$upstream_response_time" '
|
|
'cookie="$http_cookie" request_time="$request_time" category="$sent_http_content_type" https="$https"';
|
|
access_log /dev/stdout kv;
|
|
|
|
default_type application/octet-stream;
|
|
|
|
sendfile on;
|
|
tcp_nodelay on;
|
|
tcp_nopush off;
|
|
|
|
reset_timedout_connection on;
|
|
|
|
server_tokens off;
|
|
|
|
# Cache 100G worth of packages for up to 1 month
|
|
proxy_cache_path /var/lib/nginx/pypi levels=1:2 keys_zone=pypi:16m inactive=1M max_size=100G;
|
|
|
|
# Multiple server definitions makes nginx retry on errors
|
|
upstream pypi {
|
|
server pypi.org:443;
|
|
server pypi.org:443;
|
|
keepalive 16;
|
|
}
|
|
|
|
# Multiple server definitions makes nginx retry on errors
|
|
upstream pypi-files {
|
|
server files.pythonhosted.org:443;
|
|
server files.pythonhosted.org:443;
|
|
keepalive 16;
|
|
}
|
|
|
|
gzip on;
|
|
gzip_types application/json text/css text/javascript;
|
|
gzip_proxied any;
|
|
gzip_vary on;
|
|
|
|
server {
|
|
listen 80 default_server;
|
|
server_name %%PYPI_HOSTNAME%%;
|
|
|
|
root /var/www;
|
|
|
|
proxy_cache pypi;
|
|
proxy_cache_key $uri;
|
|
proxy_cache_lock on;
|
|
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Host pypi.org;
|
|
proxy_set_header Connection "";
|
|
proxy_set_header Accept-Encoding "";
|
|
proxy_ssl_name pypi.org;
|
|
proxy_ssl_server_name on;
|
|
|
|
# Rewrite any http redirects to use relative to proxy
|
|
proxy_redirect ~https?://pypi.org(.*) $1;
|
|
|
|
location / {
|
|
# Replace any reference to actual pypi w/ caching proxy
|
|
sub_filter 'https://pypi.org' $scheme://$host;
|
|
sub_filter 'https://files.pythonhosted.org' $scheme://%%PYPI_FILES_HOSTNAME%%;
|
|
sub_filter_once off;
|
|
sub_filter_types '*';
|
|
proxy_pass https://pypi;
|
|
proxy_cache off;
|
|
}
|
|
|
|
location ^~ /simple {
|
|
sub_filter 'https://pypi.org' $scheme://$host;
|
|
sub_filter 'https://files.pythonhosted.org' $scheme://%%PYPI_FILES_HOSTNAME%%;
|
|
sub_filter_types '*';
|
|
sub_filter_once off;
|
|
# Make sure URI ends with /
|
|
rewrite ^(.*[^/])$ $1/ break;
|
|
|
|
add_header X-Cache2 $upstream_cache_status;
|
|
|
|
proxy_cache_valid any 5m;
|
|
|
|
proxy_pass https://pypi;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
server_name %%PYPI_FILES_HOSTNAME%%;
|
|
|
|
root /var/www;
|
|
|
|
proxy_cache pypi;
|
|
proxy_cache_key $uri;
|
|
proxy_cache_lock on;
|
|
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Host files.pythonhosted.org;
|
|
proxy_set_header Connection "";
|
|
proxy_set_header Accept-Encoding "";
|
|
proxy_ssl_name files.pythonhosted.org;
|
|
proxy_ssl_server_name on;
|
|
|
|
# Rewrite any http redirects to use relative to proxy
|
|
proxy_redirect ~https?://files.pythonhosted.org(.*) $1;
|
|
|
|
location / {
|
|
# Replace any reference to actual pypi w/ caching proxy
|
|
sub_filter 'https://files.pythonhosted.org' $scheme://%%PYPI_FILES_HOSTNAME%%;
|
|
sub_filter_once off;
|
|
sub_filter_types '*';
|
|
proxy_pass https://pypi-files;
|
|
proxy_cache off;
|
|
}
|
|
|
|
location ^~ /packages {
|
|
add_header X-Cache2 $upstream_cache_status;
|
|
proxy_cache_valid any 1M;
|
|
proxy_pass https://pypi-files;
|
|
}
|
|
}
|
|
} |