upstream tile_cache_backend {
server 127.0.0.1;
<% @caches.each do |cache| -%>
+ <% if cache[:hostname] != node[:hostname] -%>
#Server <%= cache[:hostname] %>
<% cache.ipaddresses(:family => :inet, :role => :external).sort.each do |address| -%>
server <%= address %> backup;
<% end -%>
<% end -%>
+ <% end -%>
keepalive 32;
}
server {
- listen 443 ssl spdy default_server;
+ listen 443 ssl fastopen=2048 http2 default_server;
server_name localhost;
proxy_buffers 8 64k;
proxy_pass http://tile_cache_backend;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_http_version 1.1;
+ proxy_set_header Connection "";
+
+ proxy_connect_timeout 5s;
+
+ # Do not pass cookies to backend.
+ proxy_set_header Cookie "";
+ # Do not pass Accept-Encoding to backend.
+ proxy_set_header Accept-Encoding "";
+
+ # Do not allow setting cookies from cached pages.
+ proxy_ignore_headers Set-Cookie;
+ proxy_hide_header Set-Cookie;
+
+ # Slow traffic slightly
+ limit_rate 24576;
}
}
projects / chef.git / blobdiff