nexus-nginx.conf.j2 (1049B)
1 server { 2 3 include conf.d/listen.conf.inc; 4 5 server_name {{ nexus_domain }}; 6 7 {%if nexus_use_letsencrypt %} 8 ssl_certificate /etc/letsencrypt/live/nexus/fullchain.pem; 9 ssl_certificate_key /etc/letsencrypt/live/nexus/privkey.pem; 10 ssl_trusted_certificate /etc/letsencrypt/live/nexus/chain.pem; 11 {% else %} 12 ssl_certificate /etc/nginx/ssl/nexus.crt; 13 ssl_certificate_key /etc/nginx/ssl/nexus.key; 14 {% endif %} 15 16 # Bigger than default timeout to support long polling 17 proxy_read_timeout 6500s; 18 keepalive_requests 1000000; 19 keepalive_timeout 6500s; 20 21 error_log /var/log/nginx/{{ nexus_domain }}.err; 22 access_log /var/log/nginx/{{ nexus_domain }}.log; 23 24 access_log /var/log/nginx/{{ nexus_domain }}.tal taler if=$log_perf; 25 26 # We only expose this one API for now. 27 # The wire transfer API is protected by an 28 # access token but very sensitive, so 29 # we don't expose it. 30 # Other nexus APIs might be allowed 31 # in the future. 32 location /taler-prepared-transfer/ { 33 proxy_pass http://localhost:8082/taler-prepared-transfer/; 34 } 35 }