diff --git a/hydra/nginx/berlin.scm b/hydra/nginx/berlin.scm index 303fd35..a57640e 100644 --- a/hydra/nginx/berlin.scm +++ b/hydra/nginx/berlin.scm @@ -461,20 +461,24 @@ PUBLISH-URL." (body (list "alias /srv/guix.gnu.org-i18n;"))) (git-http-nginx-location-configuration (git-http-configuration)) ;; For Hurd bootstrap binaries. (nginx-location-configuration (uri "/guix") (body (list "root /var/www;"))) + (nginx-location-configuration + (uri "~ (.html|.htm)$") + (body (list "try_files /$lang/$uri $uri =404;"))) + (nginx-location-configuration ;certbot (uri "/.well-known") (body (list "root /var/www;"))))) (define guix.info-locations (list (nginx-location-configuration ;certbot (uri "~ ^/\\.well-known") (body (list "root /var/www;"))) (nginx-location-configuration (uri "~ /(.*)") @@ -507,31 +511,33 @@ PUBLISH-URL." (list "access_log /var/log/nginx/bootstrappable.access.log;"))) (nginx-server-configuration (listen '("80")) (server-name '("guix.gnu.org")) (root "/srv/guix.gnu.org") (locations guix.gnu.org-locations) (raw-content (list + "rewrite (.*)/$ $1/index.html;" "access_log /var/log/nginx/guix-info.access.log;"))) (nginx-server-configuration (listen '("80")) (server-name '("guix.info" "www.guix.info")) (locations guix.info-locations) (raw-content (append %tls-settings (list + "rewrite (.*)/$ $1/index.html;" "access_log /var/log/nginx/guix-info.https.access.log;")))) (nginx-server-configuration (listen '("80")) (server-name '("issues.guix.info" "issues.guix.gnu.org")) (root "/home/rekado/mumi/") (locations (list (nginx-location-configuration ;certbot (uri "/.well-known") @@ -614,33 +620,35 @@ PUBLISH-URL." (listen '("443 ssl")) (server-name '("guix.info" "www.guix.info")) (ssl-certificate (le "guix.info")) (ssl-certificate-key (le "guix.info" 'key)) (locations guix.info-locations) (raw-content (append %tls-settings (list + "rewrite (.*)/$ $1/index.html;" "access_log /var/log/nginx/guix-info.https.access.log;")))) (nginx-server-configuration (listen '("443 ssl")) (server-name '("guix.gnu.org")) (ssl-certificate (le "guix.gnu.org")) (ssl-certificate-key (le "guix.gnu.org" 'key)) (root "/srv/guix.gnu.org") (locations guix.gnu.org-locations) (raw-content (append %tls-settings (list + "rewrite (.*)/$ $1/index.html;" "access_log /var/log/nginx/guix-gnu-org.https.access.log;")))) (nginx-server-configuration (listen '("443 ssl")) (server-name '("issues.guix.info")) (ssl-certificate (le "issues.guix.info")) (ssl-certificate-key (le "issues.guix.info" 'key)) (root "/home/rekado/mumi/") (locations (list (nginx-location-configuration @@ -710,20 +718,22 @@ PUBLISH-URL." "proxy_send_timeout 600;" "proxy_read_timeout 600;" "send_timeout 600;" "access_log /var/log/nginx/workflows-guix-info.https.access.log;")))))) (define %extra-content (list "default_type application/octet-stream;" "sendfile on;" + "set_from_accept_language $lang en de;" + ;; Maximum chunk size to send. Partly this is a workaround for ;; , but also the nginx docs mention that ;; "Without the limit, one fast connection may seize the worker ;; process entirely." ;; "sendfile_max_chunk 1m;" "keepalive_timeout 65;" ;; Use HTTP 1.1 to talk to the backend so we benefit from keep-alive @@ -768,20 +778,25 @@ PUBLISH-URL." "proxy_connect_timeout 7s;" "proxy_read_timeout 10s;" "proxy_send_timeout 10s;" ;; Cache timeouts for a little while to avoid increasing pressure. "proxy_cache_valid 504 30s;")) (define %nginx-configuration (nginx-configuration (server-blocks %berlin-servers) + (modules + (list + ;; Module to redirect users to the localized pages of their choice. + (file-append nginx-accept-language-module + "/etc/nginx/modules/ngx_http_accept_language_module.so"))) (global-directives ;; This is a 72-core machine, but let's not use all of them for nginx. '((worker_processes . 16) (pcre_jit . on) (events . ((worker_connections . 1024))))) (extra-content (string-join %extra-content "\n")))) (define %zabbix-nginx-server (nginx-server-configuration