Franziska Kunsmann
e091adaa64
All checks were successful
bundlewrap/pipeline/head This commit looks good
61 lines
1.4 KiB
Nginx Configuration File
61 lines
1.4 KiB
Nginx Configuration File
user ${username};
|
|
worker_processes ${worker_processes};
|
|
|
|
pid /var/run/nginx.pid;
|
|
|
|
|
|
events {
|
|
worker_connections ${worker_connections};
|
|
}
|
|
|
|
http {
|
|
include /etc/nginx/mime.types;
|
|
default_type application/octet-stream;
|
|
charset UTF-8;
|
|
override_charset on;
|
|
|
|
sendfile on;
|
|
#tcp_nopush on;
|
|
|
|
keepalive_timeout 15;
|
|
client_body_timeout 12;
|
|
client_header_timeout 12;
|
|
send_timeout 10;
|
|
|
|
access_log off;
|
|
error_log off;
|
|
|
|
client_body_buffer_size 16K;
|
|
client_header_buffer_size 4k;
|
|
client_max_body_size 1M;
|
|
large_client_header_buffers 4 8k;
|
|
|
|
map $http_upgrade $connection_upgrade {
|
|
default upgrade;
|
|
'' close;
|
|
}
|
|
|
|
# GDPR compatible IP smashinator 5000000
|
|
map $remote_addr $ip_anonym1 {
|
|
default 0.0.0;
|
|
"~(?P<ip>(\d+)\.(\d+))\.(\d+)\.\d+" $ip;
|
|
"~(?P<ip>[^:]+:[^:]+):" $ip;
|
|
}
|
|
map $remote_addr $ip_anonym2 {
|
|
default .0.0;
|
|
"~(?P<ip>(\d+)\.(\d+)\.(\d+))\.\d+" .0.0;
|
|
"~(?P<ip>[^:]+:[^:]+):" ::;
|
|
}
|
|
map $ip_anonym1$ip_anonym2 $ip_anonymized {
|
|
default 0.0.0.0;
|
|
"~(?P<ip>.*)" $ip;
|
|
}
|
|
|
|
log_format gdpr '$ip_anonymized - $remote_user [$time_local] '
|
|
'"$request" $status $body_bytes_sent '
|
|
'"<stripped>" "$http_user_agent"';
|
|
|
|
log_format anon_timing '[$time_local] $request_time $upstream_response_time "$request" $status';
|
|
|
|
include /etc/nginx/sites/*;
|
|
}
|