Add: Example nginx conf & systemd service
- Add sample nginx conf file with ssl support - Add systemd service that keeps app running
This commit is contained in:
parent
1e54494317
commit
a9388a5176
36
extra/assettrack.nginx.conf
Normal file
36
extra/assettrack.nginx.conf
Normal file
@ -0,0 +1,36 @@
|
||||
# Example nginx config
|
||||
server {
|
||||
listen 80;
|
||||
server_name your-domain.com;
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name your-domain.com;
|
||||
|
||||
# SSL Configuration (Replace with your paths)
|
||||
ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem;
|
||||
|
||||
# Security Headers
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-Frame-Options DENY;
|
||||
|
||||
# Proxy Configuration
|
||||
location / {
|
||||
proxy_pass http://unix:/opt/assettrack/assettrack.sock;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
}
|
||||
|
||||
# Static Files
|
||||
location /static {
|
||||
alias /opt/assettrack/static;
|
||||
expires 30d;
|
||||
access_log off;
|
||||
}
|
||||
}
|
20
extra/assettrack.service
Normal file
20
extra/assettrack.service
Normal file
@ -0,0 +1,20 @@
|
||||
[Unit]
|
||||
Description=AssetTrack Inventory System
|
||||
After=network.target mysql.service
|
||||
|
||||
[Service]
|
||||
User=assettrack
|
||||
Group=assettrack
|
||||
WorkingDirectory=/opt/assettrack
|
||||
Environment="PATH=/usr/bin"
|
||||
Environment="FLASK_ENV=production"
|
||||
Environment="FLASK_SECRET_KEY=your-generated-secret-key-here"
|
||||
|
||||
# Using Gunicorn as WSGI server
|
||||
ExecStart=/usr/bin/gunicorn --workers 3 --bind unix:/opt/assettrack/assettrack.sock -m 007 app:app
|
||||
|
||||
Restart=always
|
||||
RestartSec=5
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
Loading…
Reference in New Issue
Block a user