~abcdw/trop.in

e31dd9ccbcbefa633475874fae4221e777efe14d — Andrew Tropin 9 months ago 4546ea8
Add keepalive to proxies upstreams
1 files changed, 35 insertions(+), 29 deletions(-)

M src/tropin/machines.scm
M src/tropin/machines.scm => src/tropin/machines.scm +35 -29
@@ 25,26 25,33 @@
          #:key
          domain-prefix
          (cert-path-prefix "/srv/nginx/ssl"))
  (let ((backend-host (string-append domain-prefix "gnu.org")))
    `(server
      ((listen 80)
       (listen ,#~"[::]:80")
       (listen 443 ssl)
       (listen ,#~"[::]:443" ssl)
       ,#~""
       (ssl_certificate
        ,#~#$(string-append cert-path-prefix "/hundredrps.pem"))
       (ssl_certificate_key
        ,#~#$(string-append cert-path-prefix "/hundredrps.key"))
       (ssl_protocols TLSv1.2)
       ,#~""
       (server_name ,#~#$(string-append domain-prefix "trop.in")
                    ,#~#$(string-append domain-prefix "ygg.trop.in"))
       ,#~""
       (location
        /
        ((proxy_pass ,#~#$(string-append "https://" backend-host))
         (proxy_set_header HOST ,#~#$backend-host)))))))
  (let ((backend-host (string-append domain-prefix "gnu.org"))
        (upstream-name (string-append domain-prefix "upstream")))
    `((upstream
       ,(string->symbol upstream-name)
       ((server ,(string->symbol backend-host))
        (keepalive 64)))
      (server
       ((listen 80)
        (listen ,#~"[::]:80")
        (listen 443 ssl)
        (listen ,#~"[::]:443" ssl)
        ,#~""
        (ssl_certificate
         ,#~#$(string-append cert-path-prefix "/hundredrps.pem"))
        (ssl_certificate_key
         ,#~#$(string-append cert-path-prefix "/hundredrps.key"))
        (ssl_protocols TLSv1.2)
        ,#~""
        (server_name ,#~#$(string-append domain-prefix "trop.in")
                     ,#~#$(string-append domain-prefix "ygg.trop.in"))
        ,#~""
        (location
         /
         ((proxy_pass ,#~#$(string-append "http://" upstream-name))
          (proxy_set_header Connection "")
          (proxy_http_version 1.1)
          (proxy_set_header HOST ,#~#$backend-host))))))))

(define main-server-context
  `(server


@@ 105,15 112,14 @@
       `((server_tokens off)
         (include  ,(file-append nginx "/share/nginx/conf/mime.types")))
       (interpose
        (list
         (guix-mirror-server-context
          #:domain-prefix "guix.")
         (guix-mirror-server-context
          #:domain-prefix "ci.guix.")
         (guix-mirror-server-context
          #:domain-prefix "issues.guix.")
         main-server-context
         files-server-context)
        `(,@(guix-mirror-server-context
             #:domain-prefix "guix.")
          ,@(guix-mirror-server-context
             #:domain-prefix "ci.guix.")
          ,@(guix-mirror-server-context
             #:domain-prefix "issues.guix.")
          ,main-server-context
          ,files-server-context)
        #~"")))
    ,#~""
    ,(rtmp-context