mirror of https://github.com/rhaamo/camgear
5 changed files with 252 additions and 13 deletions
@ -0,0 +1,74 @@ |
|||
upstream camgear { |
|||
server localhost:5000; |
|||
} |
|||
|
|||
map $http_upgrade $connection_upgrade { |
|||
default upgrade; |
|||
'' close; |
|||
} |
|||
|
|||
server { |
|||
listen 80; |
|||
listen [::]:80; |
|||
server_name demo.camgear.squeaky.tech; |
|||
location / { return 301 https://$host$request_uri; } |
|||
} |
|||
server { |
|||
listen 443 ssl; |
|||
listen [::]:443 ssl; |
|||
server_name demo.camgear.squeaky.tech; |
|||
|
|||
# TLS |
|||
ssl_protocols TLSv1.2; |
|||
ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA; |
|||
ssl_prefer_server_ciphers on; |
|||
ssl_session_cache shared:SSL:10m; |
|||
|
|||
# HSTS |
|||
add_header Strict-Transport-Security "max-age=31536000"; |
|||
|
|||
# Security related headers |
|||
|
|||
# add_header Content-Security-Policy "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; object-src 'none'; media-src 'self' data:"; |
|||
|
|||
# compression settings |
|||
gzip on; |
|||
gzip_comp_level 5; |
|||
gzip_min_length 256; |
|||
gzip_proxied any; |
|||
gzip_vary on; |
|||
|
|||
gzip_types |
|||
application/javascript |
|||
application/vnd.geo+json |
|||
application/vnd.ms-fontobject |
|||
application/x-font-ttf |
|||
application/x-web-app-manifest+json |
|||
font/opentype |
|||
image/bmp |
|||
image/svg+xml |
|||
image/x-icon |
|||
text/cache-manifest |
|||
text/css |
|||
text/plain |
|||
text/vcard |
|||
text/vnd.rim.location.xloc |
|||
text/vtt |
|||
text/x-component |
|||
text/x-cross-domain-policy; |
|||
|
|||
location / { |
|||
proxy_pass http://camgear/; |
|||
} |
|||
|
|||
location /static/ { |
|||
alias /home/camgear/data/static/; |
|||
} |
|||
|
|||
location /media/ { |
|||
alias /home/camgear/data/media/; |
|||
} |
|||
|
|||
ssl_certificate /etc/letsencrypt/live/demo.camgear.squeaky.tech/fullchain.pem; # managed by Certbot |
|||
ssl_certificate_key /etc/letsencrypt/live/demo.camgear.squeaky.tech/privkey.pem; # managed by Certbot |
|||
} |
@ -0,0 +1,12 @@ |
|||
[Unit] |
|||
Description=Camgear application server |
|||
After=postgresql.service |
|||
|
|||
[Service] |
|||
User=camgear |
|||
WorkingDirectory=/home/camgear/camgear/api |
|||
EnvironmentFile=/home/camgear/camgear/.env |
|||
ExecStart=/home/camgear/camgear/venv/bin/gunicorn config.asgi:application -w ${CAMGEAR_WEB_WORKERS} -k uvicorn.workers.UvicornWorker -b ${CAMGEAR_API_IP}:${CAMGEAR_API_PORT} |
|||
|
|||
[Install] |
|||
WantedBy=multi-user.target |
@ -0,0 +1,8 @@ |
|||
CAMGEAR_API_IP=127.0.0.1 |
|||
CAMGEAR_API_PORT=8000 |
|||
CAMGEAR_WEB_WORKERS=1 |
|||
CAMGEAR_HOSTNAME=127.0.0.1 |
|||
CAMGEAR_PROTOCOL=http |
|||
DJANGO_ALLOWED_HOSTS=localhost,0.0.0.0,127.0.0.1 |
|||
DJANGO_SETTINGS_MODULE=config.settings.local |
|||
DATABASE_URL=postgresql://camgear@:5432/camgear |
@ -0,0 +1,66 @@ |
|||
# If you're tweaking this file from the template, ensure you edit at least the |
|||
# following variables: |
|||
# - DJANGO_SECRET_KEY |
|||
# - CAMGEAR_HOSTNAME |
|||
# - EMAIL_CONFIG and DEFAULT_FROM_EMAIL if you plan to send emails) |
|||
# On non-docker setup **only**, you'll also have to tweak/uncomment those variables: |
|||
# - DATABASE_URL |
|||
# - CACHE_URL |
|||
|
|||
# Set this variables to bind the API server to another interface/port |
|||
# example: CAMGEAR_API_IP=0.0.0.0 |
|||
# example: CAMGEAR_API_PORT=5678 |
|||
CAMGEAR_API_IP=127.0.0.1 |
|||
CAMGEAR_API_PORT=5000 |
|||
# The number of web workers to start in parallel. Higher means you can handle |
|||
# more concurrent requests, but also leads to higher CPU/Memory usage |
|||
CAMGEAR_WEB_WORKERS=1 |
|||
# Replace this by the definitive, public domain you will use for |
|||
# your instance |
|||
CAMGEAR_HOSTNAME=yourdomain.camgear |
|||
CAMGEAR_PROTOCOL=https |
|||
|
|||
# Configure email sending using this variale |
|||
# By default, camgear will output emails sent to stdout |
|||
# here are a few examples for this setting |
|||
# EMAIL_CONFIG=consolemail:// # output emails to console (the default) |
|||
# EMAIL_CONFIG=dummymail:// # disable email sending completely |
|||
# On a production instance, you'll usually want to use an external SMTP server: |
|||
# EMAIL_CONFIG=smtp://user@:password@youremail.host:25 |
|||
# EMAIL_CONFIG=smtp+ssl://user@:password@youremail.host:465 |
|||
# EMAIL_CONFIG=smtp+tls://user@:password@youremail.host:587 |
|||
|
|||
# The email address to use to send system emails. |
|||
# DEFAULT_FROM_EMAIL=noreply@yourdomain |
|||
|
|||
# API/Django configuration |
|||
|
|||
# Database configuration |
|||
# Examples: |
|||
# DATABASE_URL=postgresql://<user>:<password>@<host>:<port>/<database> |
|||
# DATABASE_URL=postgresql://camgear:passw0rd@localhost:5432/camgear_database |
|||
# Use the next one if you followed Debian installation guide |
|||
# DATABASE_URL=postgresql://camgear@:5432/camgear |
|||
|
|||
# Where media files (such as album covers or audio tracks) should be stored |
|||
# on your system? |
|||
# (Ensure this directory actually exists) |
|||
MEDIA_ROOT=/srv/camgear/data/media |
|||
|
|||
# Where static files (such as API css or icons) should be compiled |
|||
# on your system? |
|||
# (Ensure this directory actually exists) |
|||
STATIC_ROOT=/srv/camgear/data/static |
|||
|
|||
# which settings module should django use? |
|||
# You don't have to touch this unless you really know what you're doing |
|||
DJANGO_SETTINGS_MODULE=config.settings.production |
|||
|
|||
# Generate one using `openssl rand -base64 45`, for example |
|||
DJANGO_SECRET_KEY= |
|||
|
|||
# You don't have to edit this, but you can put the admin on another URL if you |
|||
# want to |
|||
# DJANGO_ADMIN_URL=^api/admin/ |
|||
|
|||
DJANGO_ALLOWED_HOSTS=localhost,camgear |
Loading…
Reference in new issue