From 6f3b45bdbd16f684f2776522ef7243a6147e75b3 Mon Sep 17 00:00:00 2001
From: Ajay Ramachandran <dev@ajay.app>
Date: Sun, 5 Dec 2021 05:06:31 +0100
Subject: [PATCH] Update nginx config

---
 nginx/nginx.conf | 24 +++++++++++++++---------
 1 file changed, 15 insertions(+), 9 deletions(-)

diff --git a/nginx/nginx.conf b/nginx/nginx.conf
index f6a5451..dd90603 100644
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@@ -23,7 +23,7 @@ http {
 	}
 
 	upstream backend_GET {
-		least_conn;
+		ip_hash;
 		#server		localhost:4441;
 		#server		localhost:4442;
 		#server		localhost:4443;
@@ -39,8 +39,8 @@ http {
 		server		10.0.0.5:4441;
 		server		10.0.0.5:4442;
 
-		server		10.0.0.6:4441;
-		server		10.0.0.6:4442;
+		#server		10.0.0.6:4441;
+		#server		10.0.0.6:4442;
 
 		#server		134.209.69.251:80	backup;
 
@@ -57,7 +57,7 @@ http {
 		server		10.0.0.3:4441;
 	}
 	upstream backend_db {
-		server		localhost:4441;
+		server		[::1]:4441;
 		#server		10.0.0.3:4441;
 	}
 
@@ -103,12 +103,16 @@ http {
 			#proxy_pass		https://sbtest.etcinit.com/;
 		}
 
+		#access_log /etc/nginx/logs/requests.log no_ip;
+
 		location /api/skipSegments {
 			#return 200 "[]";
 			proxy_pass		http://backend_$request_method;
 			#proxy_cache	CACHEZONE;
 			#proxy_cache_valid	2m;
 
+			#access_log /etc/nginx/logs/download.log no_ip;
+			gzip on;
 			if ($request_method = POST) {
 				access_log /etc/nginx/logs/submissions.log user_agent;
 			}
@@ -134,11 +138,13 @@ http {
 		}
 
 		location /download/ {
-			access_log /etc/nginx/logs/download.log no_ip;
+			#access_log /etc/nginx/logs/download.log no_ip;
 			gzip on;
 			gzip_types	text/csv;
 			gzip_comp_level 1;
-			alias		/home/sbadmin/sponsor/docker/database-export/;
+			
+			proxy_pass  http://backend_db;
+                        #alias		/home/sbadmin/sponsor/docker/database-export/;
 			#return 307 https://cdnsponsor.ajay.app$request_uri;
 		}
 		location /database {
@@ -172,8 +178,8 @@ http {
 			root	/home/sbadmin/SponsorBlockSite/public-prod;
 		}
 		
-		listen [::]:443 default_server ssl http2 ipv6only=on;
-		listen 443 default_server ssl http2; # managed by Certbot
+		listen [::]:443 default_server ssl http2 ipv6only=on backlog=323999;
+		listen 443 default_server ssl http2 reuseport backlog=323999; # managed by Certbot
 		#listen 443 http3 reuseport;
 		#ssl_protocols TLSv1.2 TLSv1.3;
 		#listen 80;
@@ -257,7 +263,7 @@ http {
 			proxy_pass http://10.0.0.3:8080;
 		}
 
-		#listen [::]:443 ssl http2 ipv6only=on;
+		listen [::]:443 ssl http2; 
 		listen 443  ssl http2; # managed by Certbot
 		#listen 443 http3 reuseport;
 		#ssl_protocols TLSv1.2 TLSv1.3;