revision-diff.txt (9.02 KB)
nice commit , hope this will work on Mack/Windows as well.
···
On Tue, Dec 18, 2012 at 6:32 PM, noreply@launchpad.net wrote:
revno: 639
committer: Lars Helge Øverland larshelge@gmail.com
branch nick: dhis2-docbook-docs
timestamp: Tue 2012-12-18 14:01:15 +0100
message:
Simplified the nginx cache setup. Thanks to Bob for tip.
modified:
src/docbkx/en/dhis2_implementation_guide_installation.xml
–
lp:~dhis2-documenters/dhis2/dhis2-docbook-docs
https://code.launchpad.net/~dhis2-documenters/dhis2/dhis2-docbook-docs
Your team DHIS 2 developers is subscribed to branch lp:~dhis2-documenters/dhis2/dhis2-docbook-docs.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-documenters/dhis2/dhis2-docbook-docs/+edit-subscription
=== modified file ‘src/docbkx/en/dhis2_implementation_guide_installation.xml’
— src/docbkx/en/dhis2_implementation_guide_installation.xml 2012-12-13 15:10:02 +0000
+++ src/docbkx/en/dhis2_implementation_guide_installation.xml 2012-12-18 13:01:15 +0000
@@ -127,11 +127,10 @@
<para>nginx configuration is built around a hierarchy of blocks representing http, server and location, where each block inherit settings from parent blocks. The following snippet will configure nginx to proxy pass (redirect) requests from port 80 (which is the port nginx will listen on by default) to our Tomcat instance. It will also make nginx serve requests for static content such as javascript, stylesheets and images and instruct clients to cache it for 4 days which will reduce the load on Tomcat and improve overall performance. Include the following configuration in nginx.conf:</para> <para><screen><</emphasis> The first server block will rewrite all requests connecting to port 80 and force the use of HTTPS/SSL. This is also necessary because DHIS is using a lot of redirects internally which must be passed on to use HTTPS. Remember to replace <emphasis role="italic"><server-ip></emphasis> with the IP of your server. These blocks should replace the one from the previous section.</para>
<screen><; proxy_redirect off;
@@ -208,24 +209,29 @@
<para>Requests for reports, charts, maps and other analysis-related resources will often take some time to respond and might utilize a lot of server resources. In order to improve response times, reduce the load on the server and hide potential server downtime we can
introduce a cache proxy in our server setup. However, a cache proxy cannot cache content
which is served over SSL/HTTPS since the content will be encrypted and the response headers
cannot be understood by the server. The following configuration will serve reports, data
visualizer, GIS and dashboard modules over HTTP while serving all other modules over
SSL/HTTPS. Analysis-related requests will be cached by nginx. The cached content will be
introduce a cache proxy in our server setup. This setup will cache analysis related content
which typically requries the most server resources to produce. The cached content will be stored in directory /var/cache/nginx, and up to 250 MB of storage will be allocated. Nginx will create this directory automatically.</para> <screen>http {
…
- root /home/dhis/tomcat/webapps/ROOT; # update path!
root /home/dhis/tomcat/webapps/ROOT; # Update path!
proxy_cache_path /var/cache/nginx keys_zone=dhis:250m inactive=1d;
- <$request_uri? permanent;
}
Serve static content
location ~* (.js$|.css$|.gif$|.woff$|.ttf$|.eot$|^/images/|^/icons/|^/dhis-web-commons/.*.png$) {
add_header Cache-Control public;
expires 7d;
}
Proxy pass to servlet container, update URL!
location / {
proxy_pass [http://localhost:8080](http://localhost:8080);
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
}
HTTP server
server {
listen 80;
client_max_body_size 10M;
Rewrite security and about namespace to HTTPS, update domain!
location ~ ^/(dhis-web-commons/security|dhis-web-commons-security|dhis-web-commons-about) {
rewrite ^ [https://yourdomain.org](https://yourdomain.org)$request_uri? permanent;
}
Serve static content
location ~* (.js$|.css$|.gif$|.woff$|.ttf$|.eot$|^/images/|^/icons/|^/dhis-web-commons/.*.png$) {
add_header Cache-Control public;
expires 7d;
}
Cache and proxy pass analysis to servlet container, update URL!
Serve static content
location ~ (.js$|.css$|.gif$|.woff$|.ttf$|.eot$|^/images/|^/icons/|^/dhis-web-commons/.*.png$) {
add_header Cache-Control public;
expires 7d;
}
Cache and proxy pass analysis related requests to servlet container
location ~ (api/(chart*|map*|reports|reportTables)|generateDataSetReport.action|exportTable.action) {
proxy_pass [http://localhost:8080](http://localhost:8080);
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto http;
proxy_cache dhis;
}
Proxy pass analysis modules to servlet container, update URL!
location ~ ^/(api|dhis-web-commons|dhis-web-mapping|dhis-web-visualizer|dhis-web-reporting|dhis-web-dashboard-integration) {
proxy_pass [http://localhost:8080](http://localhost:8080);
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto http;
}
Rewrite remaining to HTTPS, update domain!
proxy_pass [http://localhost:8080](http://localhost:8080);
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_cache dhis;
}
Proxy pass remaining requests to servlet container
location / {
rewrite ^ [https://yourdomain.org](https://yourdomain.org)$request_uri? permanent;
proxy_pass [http://localhost:8080/](http://localhost:8080/);
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
- }
- }]]>
}
Mailing list: https://launchpad.net/~dhis2-devs
Post to : dhis2-devs@lists.launchpad.net
Unsubscribe : https://launchpad.net/~dhis2-devs
More help : https://help.launchpad.net/ListHelp
–
Regards,
Brajesh