YGGverse/btracker
1
0
Fork 0
mirror of https://github.com/YGGverse/btracker.git synced 2026-03-31 09:05:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
Page: Nginx
Pages
Branding Home Nginx Screenshots Systemd
9 Nginx
oooo-ps edited this page 2025-08-10 03:34:21 +03:00
Table of Contents

Proxy

Simple

server {
    listen 80;

    location / {
        proxy_pass http://127.0.0.1:8000;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Cache

This is working configuration for the tracker.ygg instance:

server {
	listen [302:68d0:f0d5:b88d::fdb]:80;
	server_name 302:68d0:f0d5:b88d::fdb tracker.ygg;
	access_log /var/log/nginx/btracker.access.log;

	location ~* \.(jpg|jpeg|png|gif|css|js|ico|svg|css) {
		expires 30d;
		add_header Cache-Control "public, max-age=2592000";
		proxy_pass http://127.0.0.1:8000;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-Proto $scheme;
	}

	location / {
		expires 15m;
		add_header Cache-Control "public, max-age=900";
		proxy_pass http://127.0.0.1:8000;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header X-Forwarded-Proto $scheme;
	}
}

Restrict direct access

Note

Direct access to public files is safe and is partially restricted by the Rocket framework implementation. Therefore, feel free to further restrict direct access on the Nginx side.

Restrict direct access to the torrent files

location ~* \.torrent$ {
	deny all;
}

Restrict direct access to hidden files (started with dot)

Hidden files are temporarily created filesystem offsets by the aquatic-crawler and its librqbit client on the data preload. Permanent files are moved to folders without a dot. There is no reason to access this location.

location ~* ^/\. {
	deny all;
}