server {
server_name peertube.TLD;
access_log off;
open_log_file_cache max=1000 inactive=20s valid=1m min_uses=2;
include /etc/nginx/snippets/letsencrypt-acme-challenge.conf;
location / {
proxy_pass http://10.0.3.IP;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header Host $host;
proxy_ignore_client_abort on;
proxy_read_timeout 600s;
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
}
listen 80; # managed by Certbot
ssl_stapling on;
ssl_stapling_verify on;
client_max_body_size 12G; # default is 1M
proxy_connect_timeout 10m;
proxy_send_timeout 10m;
proxy_read_timeout 10m;
send_timeout 10m;
client_body_timeout 30s; # default is 60
client_header_timeout 10s; # default is 60
keepalive_timeout 10s; # default is 75
resolver_timeout 10s; # default is 30
}