kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-11-23 21:45:14 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
854e6902d3e7aa845b34629ac30f044401cc2c80
computer-playbook/roles/sys-svc-proxy/templates/location
History
Kevin Veen-Birkenbach 002f8de3ec feat(proxy): add configurable client_max_body_size for HTML and upload locations 
This commit introduces a unified mechanism to configure client_max_body_size
for both HTML and upload locations in the sys-svc-proxy role. The directive
is now injected early in html.conf.j2 and moved to a dedicated block in
upload.conf.j2 to ensure consistent behavior for large file uploads such as
OpenProject attachments.

Additionally:
- Added client_max_body_size variable override from web-app-openproject (set to 30m).
- Reordered header includes to avoid duplicate injection.
- Improved comments and structure for better clarity.

Reference: https://chatgpt.com/share/691d873e-9b50-800f-ae70-baf8bf1e5454
2025-11-19 10:02:33 +01:00
..
html.conf.j2
feat(proxy): add configurable client_max_body_size for HTML and upload locations
2025-11-19 10:02:33 +01:00
media.conf.j2
Refactored server roles for better readability
2025-09-01 18:08:35 +02:00
README.md
Refactored server roles for better readability
2025-09-01 18:08:35 +02:00
TODO.md
Refactored server roles for better readability
2025-09-01 18:08:35 +02:00
upload.conf.j2
feat(proxy): add configurable client_max_body_size for HTML and upload locations
2025-11-19 10:02:33 +01:00
ws.conf.j2
Nextcloud/Talk: add Janus config & fix WebSocket proxying
2025-09-30 11:14:15 +02:00

README.md

Nginx Location Templates

This directory contains Jinja2 templates for different Nginx location blocks, each designed to proxy and optimize different types of web traffic. These templates are used by the sys-svc-proxy role to modularize and standardize reverse proxy configuration across a wide variety of applications.

Overview of Files

html.conf.j2

  • Purpose:
    Handles "normal" web traffic such as HTML pages, API endpoints, and general HTTP(S) requests.
  • Features:
    • Proxies requests to the backend service.
    • Optionally integrates with OAuth2 proxy for authentication.
    • Sets all necessary proxy headers.
    • Applies a Content Security Policy header.
    • Activates buffering for advanced features such as Lua-based string replacements.
    • Supports WebSocket upgrades for hybrid APIs.

ws.conf.j2

  • Purpose:
    Handles WebSocket connections, enabling real-time features such as live updates or chats.
  • Features:
    • Sets all headers required for WebSocket upgrades.
    • Disables proxy buffering (required for WebSockets).
    • Uses tcp_nodelay for low latency.
    • Proxies traffic to the backend WebSocket server.

media.conf.j2

  • Purpose:
    Proxies and caches static media files (images, icons, etc.).
  • Features:
    • Matches image file extensions (jpg, png, gif, webp, ico, svg, etc.).
    • Enables browser-side and proxy-side caching for efficient delivery.
    • Adds cache control headers and exposes the upstream cache status.

Usage

These templates are intended for inclusion in larger Nginx configuration files via Jinja2.
They modularize your configuration by separating HTML, WebSocket, and media proxying, allowing for clear, reusable, and maintainable reverse proxy logic.

  • Use html.conf.j2 for standard application HTTP/S endpoints.
  • Use ws.conf.j2 for dedicated WebSocket endpoints.
  • Use media.conf.j2 for efficient handling of static media content.

Best Practices

  • Only enable WebSocket proxying (ws.conf.j2) for routes that actually require it, to avoid breaking buffering for standard HTTP.
  • Activate media proxying (media.conf.j2) if your application benefits from image caching at the proxy layer.
  • Keep templates modular for maintainability and scalability as your application grows.