mirror of
https://github.com/remsky/Kokoro-FastAPI.git
synced 2025-04-13 09:39:17 +00:00
6d717437c9
Updates the service name to 'InstaVoice' and introduces multiple server services to enhance scalability. Modifies GPU resource allocation to use all available devices and adds an NGINX service for reverse proxy capabilities. Simplifies the structure for better management of the API and UI services.
78 lines
3.4 KiB
Nginx Configuration File
78 lines
3.4 KiB
Nginx Configuration File
user nginx;
|
|
worker_processes auto; # Automatically adjust worker processes based on available CPUs
|
|
|
|
events {
|
|
worker_connections 1024; # Maximum simultaneous connections per worker
|
|
use epoll; # Use efficient event handling for Linux
|
|
}
|
|
|
|
http {
|
|
# Basic security headers
|
|
add_header X-Frame-Options SAMEORIGIN always; # Prevent clickjacking
|
|
add_header X-Content-Type-Options nosniff always; # Prevent MIME-type sniffing
|
|
add_header X-XSS-Protection "1; mode=block" always; # Enable XSS protection in browsers
|
|
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; # Enforce HTTPS
|
|
add_header Content-Security-Policy "default-src 'self';" always; # Restrict resource loading to same origin
|
|
|
|
# Timeouts
|
|
sendfile on; # Enable sendfile for efficient file serving
|
|
tcp_nopush on; # Reduce packet overhead
|
|
tcp_nodelay on; # Minimize latency
|
|
keepalive_timeout 65; # Keep connections alive for 65 seconds
|
|
client_max_body_size 10m; # Limit request body size to 10MB
|
|
client_body_timeout 12; # Timeout for client body read
|
|
client_header_timeout 12; # Timeout for client header read
|
|
|
|
# Compression
|
|
gzip on; # Enable gzip compression
|
|
gzip_disable "msie6"; # Disable gzip for old browsers
|
|
gzip_vary on; # Add "Vary: Accept-Encoding" header
|
|
gzip_proxied any; # Enable gzip for proxied requests
|
|
gzip_comp_level 6; # Compression level
|
|
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
|
|
|
|
# Load balancing upstream
|
|
upstream backend {
|
|
least_conn; # Use least connections load balancing strategy
|
|
server server1:8880 max_fails=3 fail_timeout=5s; # Add health check for backend servers
|
|
# Uncomment additional servers for scaling:
|
|
server server2:8880 max_fails=3 fail_timeout=5s;
|
|
server server3:8880 max_fails=3 fail_timeout=5s;
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
|
|
# Redirect HTTP to HTTPS (optional)
|
|
# Uncomment the lines below if SSL is configured:
|
|
# listen 443 ssl;
|
|
# ssl_certificate /path/to/certificate.crt;
|
|
# ssl_certificate_key /path/to/private.key;
|
|
|
|
location / {
|
|
proxy_pass http://backend; # Proxy traffic to the backend servers
|
|
proxy_http_version 1.1; # Use HTTP/1.1 for persistent connections
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "upgrade";
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Forwarded-For $remote_addr; # Forward client IP
|
|
proxy_cache_bypass $http_upgrade;
|
|
proxy_read_timeout 60s; # Adjust read timeout for backend
|
|
proxy_connect_timeout 60s; # Adjust connection timeout for backend
|
|
proxy_send_timeout 60s; # Adjust send timeout for backend
|
|
}
|
|
|
|
# Custom error pages
|
|
error_page 502 503 504 /50x.html;
|
|
location = /50x.html {
|
|
root /usr/share/nginx/html;
|
|
}
|
|
|
|
# Deny access to hidden files (e.g., .git)
|
|
location ~ /\. {
|
|
deny all;
|
|
access_log off;
|
|
log_not_found off;
|
|
}
|
|
}
|
|
}
|