Commit graph

101 commits

Author SHA1 Message Date
minibikini
f9380289eb Add remote_ip plug 2019-09-27 21:59:23 +00:00
df3feb9412 Make it obvious how to support dual stack for MongooseIM 2019-09-20 13:21:07 +00:00
kPherox
99b4847da3
Fix missing changes in 2019-08-30 21:00:50 +09:00
rinpatch
997e766929 Remove sudo in the nginx config command example 2019-06-23 07:39:23 +03:00
rinpatch
c013d3f3c8 Fix the webroot method in the nginx config 2019-06-22 20:26:59 +03:00
rinpatch
ddf5e6254a Fix nginx webroot method config 2019-06-21 05:46:21 +03:00
abedcca349 Sample Mongoose IM config.
Change domain, ensure paths to PEM files are correct, and this is good to go.
2019-05-31 20:36:33 +00:00
abc15b6dcc Improve Varnish config. We set sane headers from the backend now. 2019-05-28 21:20:24 +00:00
Alfie Pates
356c047759 explicitly set reverse proxy upstream to IPv4
since Pleroma.Web.Endpoint binds on IPv4 only and `localhost.` resolves to
  [::0] on some systems

  fixes .
2019-05-23 22:33:27 +01:00
lambda
a58813e7a1 Merge branch 'features/download-mastofe-build' into 'develop'
installation/download-mastofe-build.sh: Add mastofe CI-artifacts download

See merge request 
2019-05-01 10:48:30 +00:00
Dominik V. Salonen
498c96d458 Add supervisord configuration 2019-04-16 07:14:44 +00:00
lambda
1b4c4d29a3 Merge branch 'ssl_trusted_cert' into 'develop'
ssl_trusted_certificate should point to chain.pem if we're demonstrating...

See merge request 
2019-04-12 08:58:46 +00:00
Haelwenn (lanodan) Monnier
378b964d8e
installation/download-mastofe-build.sh: Add copyright header
[ci skip]
2019-04-12 07:39:49 +02:00
Haelwenn (lanodan) Monnier
b421dd3dd2
installation/download-mastofe-build.sh: Add mastofe CI-artifacts download
[ci skip]
2019-04-12 07:32:46 +02:00
Horsemans
10a9682596 ssl_trusted_certificate should point to chain.pem if we're demonstrating LetsEncrypt: https://community.letsencrypt.org/t/howto-ocsp-stapling-for-nginx/13611/5 2019-03-31 16:58:28 +00:00
Kenneth Zhao
e1bdaaa3fe need to put back ipv4 listen instruct 2019-02-26 08:41:37 -08:00
PEA
d3a6c065a4 Add ipv6 handling to pleroma.nginx
Replaces `listen 80` with `listen [::]:80`, same with 443
2019-02-25 23:37:46 -05:00
faried nawaz
c75e643a72
apache config: add instructions for mediaproxy. 2019-02-23 00:18:03 +05:00
shibayashi
d1752a81a8 Update service files of OpenRC and systemd to new recommended paths 2019-02-10 19:25:34 +00:00
shibayashi
1d8b578bb7
Recommend the acme-challenge path that is used in the installation guides 2019-02-09 23:08:27 +01:00
shibayashi
e868cfe619 Add /media to Caddy cache 2019-02-09 11:39:01 +00:00
vaartis
9e43a28bc3 Update the openrc service's retry with the correct format 2019-01-28 08:18:11 +00:00
shibayashi
2a818a3e77
Add comments and change default path of the Mix binary. 2019-01-17 19:49:54 +01:00
kaniini
c445c9e125 Merge branch 'fix-nginx-caching' into 'develop'
Fix nginx caching issues

See merge request 
2019-01-14 07:25:08 +00:00
Mark Felder
cc3a83a730 Fix nginx caching issues
Nginx is currently not caching data because proxy_buffering needs to be
enabled for caching to work at all, and we are receiving a Cache-Control
header from Pleroma that states "max-age=0, private, must-revalidate"

Even disregarding the Cache-Control header that should actually be set
to "public, max-age=1209600" as defined in the reverse_proxy code, we
don't want to obey this header at all as it overrides our Nginx caching
rules.
2019-01-10 21:29:05 +00:00
Mark Felder
efaa41fad2 Consistent intentation 2019-01-10 18:29:36 +00:00
Mark Felder
fda942c329 Cache partial objects for 10 minutes
This enables caching/streaming of chunked responses
2019-01-10 18:28:14 +00:00
Mark Felder
ce224ba5f0 Streaming is enabled by default
Support more filetypes for caching static media
2019-01-10 18:23:22 +00:00
kaniini
89fbed8821 Merge branch 'systemd-drop-sysadmin-privilege' into 'develop'
Security/Drops the sysadmin privilege from the daemon

See merge request 
2018-12-28 20:14:29 +00:00
shibayashi
64035201b5
Security/Drops the sysadmin privilege from the daemon 2018-12-28 21:09:48 +01:00
scarlett
4b40e4188c Simplify the NetBSD rc script. 2018-12-16 13:15:37 +00:00
scarlett
9d3eda1959 Add an rc.d script for NetBSD. 2018-12-16 12:33:50 +00:00
nonlinear
75f2177d5b Update/add OpenBSD config files 2018-12-15 14:00:00 -08:00
nonlinear
04513a13e0 Added init file for OpenBSD 2018-12-14 13:13:14 -08:00
Mark Felder
d56772c813 proxy buffering still needs to be off 2018-12-12 17:36:00 +00:00
Mark Felder
48c4f88ffd Update proxy config to improve behavior and allow compatibility with Safari on MacOS and iOS 2018-12-12 17:31:47 +00:00
href
97b00d366f
reverse_proxy: more headers 2018-11-30 18:00:57 +01:00
lambda
c3f562a611 Merge branch 'add-MIX_ENV-to-systemd-example' into 'develop'
Add MIX_ENV=prod to systemd example file

See merge request 
2018-11-13 12:24:29 +00:00
shibayashi
124a9bb7a5
Add MIX_ENV=prod 2018-11-12 23:01:06 +01:00
William Pitcock
e4bd5a6950 example configs: kill STS/CT headers 2018-11-11 06:56:46 +00:00
William Pitcock
057a9017b3 example configs: remove obsolete CSP configuration 2018-11-11 06:12:26 +00:00
William Pitcock
fd918863aa nginx example config: remove CORS headers, now managed by CORSPlug. 2018-11-11 05:42:30 +00:00
kaniini
e1c40b8ca2 Merge branch 'patch-2' into 'develop'
Remove Access-Control-Allow-Origin in pleroma.nginx

See merge request 
2018-11-06 21:24:16 +00:00
3ea4f9ac8d Remove Access-Control-Allow-Origin 2018-11-05 04:18:43 +00:00
shibayashi
800d233631
Use example.tld so a single search and replace works 2018-11-04 14:06:18 +01:00
shibayashi
941f9a888c
Update instructions 2018-11-03 23:59:52 +01:00
shibayashi
732d3fce73
Use the same example domain in all config examples 2018-11-03 23:44:26 +01:00
shibayashi
56c49513e0
Use the server name as variable 2018-11-03 23:41:37 +01:00
shibayashi
043cb7138e
Add a little bit more detail in the comments. 2018-10-25 00:57:47 +02:00
shibayashi
0a58428de6
Add some security related directives to the systemd service example 2018-10-25 00:37:31 +02:00