Add: Example nginx conf & systemd service

- Add sample nginx conf file with ssl support
- Add systemd service that keeps app running
This commit is contained in:
Candifloss 2025-04-07 12:15:51 +05:30
parent 1e54494317
commit a9388a5176
2 changed files with 56 additions and 0 deletions

View File

@ -0,0 +1,36 @@
# Example nginx config
server {
listen 80;
server_name your-domain.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name your-domain.com;
# SSL Configuration (Replace with your paths)
ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem;
# Security Headers
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options DENY;
# Proxy Configuration
location / {
proxy_pass http://unix:/opt/assettrack/assettrack.sock;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# Static Files
location /static {
alias /opt/assettrack/static;
expires 30d;
access_log off;
}
}

20
extra/assettrack.service Normal file
View File

@ -0,0 +1,20 @@
[Unit]
Description=AssetTrack Inventory System
After=network.target mysql.service
[Service]
User=assettrack
Group=assettrack
WorkingDirectory=/opt/assettrack
Environment="PATH=/usr/bin"
Environment="FLASK_ENV=production"
Environment="FLASK_SECRET_KEY=your-generated-secret-key-here"
# Using Gunicorn as WSGI server
ExecStart=/usr/bin/gunicorn --workers 3 --bind unix:/opt/assettrack/assettrack.sock -m 007 app:app
Restart=always
RestartSec=5
[Install]
WantedBy=multi-user.target