Nginx + uwsgi config

etc/crontab

@@ -0,0 +1 @@
+0 * * * * cd /home/vas3k/infomate.club/scripts && python3 update.py >/dev/null 2>&1

etc/nginx/infomate.club.conf

@@ -0,0 +1,59 @@
+upstream infomate_club_uwsgi {
+    server unix:/home/vas3k/infomate.club.sock weight=1 max_fails=5 fail_timeout=30s;
+}
+
+server {
+    listen 80;
+    listen 443 ssl http2;
+    server_name www.infomate.club;
+
+    ssl_certificate /etc/letsencrypt/live/infomate.club/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/infomate.club/privkey.pem;
+    ssl_trusted_certificate /etc/letsencrypt/live/infomate.club/fullchain.pem;
+    include /etc/nginx/ssl.conf;
+
+    rewrite ^(.*) https://infomate.club$1 permanent;
+}
+
+server {
+    listen 80 default_server;
+    listen 443 ssl http2;
+    server_name infomate.club;
+
+	charset utf-8;
+    client_max_body_size 30M;
+	index index.html index.htm;
+
+    ssl_certificate /etc/letsencrypt/live/infomate.club/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/infomate.club/privkey.pem;
+    ssl_trusted_certificate /etc/letsencrypt/live/infomate.club/fullchain.pem;
+    include /etc/nginx/ssl.conf;
+
+    set_real_ip_from  172.17.0.0/16;
+    real_ip_header X-Forwarded-For;
+    real_ip_recursive on;
+
+    rewrite ^/favicon.ico$ https://infomate.club/static/images/favicon.ico;
+    rewrite ^/favicon.png$ https://infomate.club/static/images/favicon.png;
+
+	access_log /home/vas3k/infomate.club/logs/access.log;
+	error_log /home/vas3k/infomate.club/logs/error.log;
+
+	location /static/ {
+		root /home/vas3k/infomate.club/;
+		gzip_static on;
+		expires     max;
+		add_header Cache-Control "public";
+	}
+
+    location ^~ /.well-known/acme-challenge/ {
+        default_type "text/plain";
+        root /var/www/letsencrypt;
+    }
+
+	location / {
+		uwsgi_pass infomate_club_uwsgi;
+        uwsgi_ignore_client_abort on;
+		include uwsgi_params;
+	}
+}

etc/nginx/ssl.conf

@@ -0,0 +1,15 @@
+ssl_session_timeout 1d;
+ssl_session_cache shared:SSL:50m;
+ssl_session_tickets off;
+
+ssl_protocols TLSv1.2;
+ssl_ciphers EECDH+AESGCM:EECDH+AES;
+ssl_ecdh_curve secp384r1;
+ssl_prefer_server_ciphers on;
+
+ssl_stapling on;
+ssl_stapling_verify on;
+
+add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload";
+add_header X-Frame-Options SAMEORIGIN;
+add_header X-Content-Type-Options nosniff;

etc/uwsgi/uwsgi.xml

@@ -0,0 +1,21 @@
+<uwsgi>
+    <plugins>python3,http</plugins>
+    <uid>vas3k</uid>
+    <gid>vas3k</gid>
+    <socket>/home/vas3k/infomate.club.sock</socket>
+    <chmod-socket>666</chmod-socket>
+    <chdir>/home/vas3k/infomate.club</chdir>
+    <env>DJANGO_SETTINGS_MODULE=infomate.settings</env>
+    <module>infomate.wsgi:application</module>
+    <daemonize>/home/vas3k/infomate.club/infomate.club.log</daemonize>
+    <harakiri>30</harakiri>
+    <buffer-size>32768</buffer-size>
+    <post-buffering>8192</post-buffering>
+    <post-buffering-bufsize>65536</post-buffering-bufsize>
+    <ignore-write-errors>true</ignore-write-errors>
+    <disable-write-exception>true</disable-write-exception>
+    <max-requests>5000</max-requests>
+    <master/>
+    <workers>3</workers>
+    <threads>2</threads>
+</uwsgi>

infomate/settings.py

@@ -10,7 +10,7 @@ DEBUG = True
 
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 SECRET_KEY = "wow so secret"
-ALLOWED_HOSTS = ["127.0.0.1", "vas3k.ru"]
+ALLOWED_HOSTS = ["127.0.0.1", "vas3k.ru", "infomate.club"]
 
 INSTALLED_APPS = [
     "django.contrib.staticfiles",

requirements.txt

@@ -5,4 +5,4 @@ requests==2.22.0
 beautifulsoup4==4.6.2
 pyyaml==5.2
 feedparser==5.2.1
-sentry-sdk==0.13.0
+sentry-sdk==0.13.5