Hugging Face's logo

Spaces:
midah
/
hf-viz
Sleeping

App Files Community
hf-viz
File size: 4,347 Bytes
637183f
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
# Nginx reverse proxy configuration for HF Viz
# Provides caching, compression, and load balancing

upstream hfviz_backend {
    server localhost:8000;
    # Add more backend servers for load balancing
    # server localhost:8001;
    # server localhost:8002;
    keepalive 32;
}

# Cache configuration
proxy_cache_path /var/cache/nginx/hfviz
    levels=1:2
    keys_zone=hfviz_cache:100m
    max_size=10g
    inactive=60m
    use_temp_path=off;

server {
    listen 80;
    listen [::]:80;
    server_name api.hfviz.example.com;  # Change to your domain

    # Gzip compression
    gzip on;
    gzip_vary on;
    gzip_min_length 1000;
    gzip_types
        text/plain
        text/css
        text/xml
        text/javascript
        application/json
        application/javascript
        application/xml+rss
        application/msgpack;
    
    # Security headers
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-XSS-Protection "1; mode=block" always;

    # CORS headers (if needed)
    add_header Access-Control-Allow-Origin "*" always;
    add_header Access-Control-Allow-Methods "GET, POST, OPTIONS" always;
    add_header Access-Control-Allow-Headers "Origin, Content-Type, Accept, Authorization" always;
    add_header Access-Control-Expose-Headers "Cache-Control, Content-Type" always;
    
    # Handle preflight requests
    if ($request_method = OPTIONS) {
        return 204;
    }

    # Proxy settings
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;

    # Cache static API responses (GET only)
    location /api/models {
        proxy_pass http://hfviz_backend;
        
        # Enable caching for this endpoint
        proxy_cache hfviz_cache;
        proxy_cache_key "$request_method$request_uri";
        proxy_cache_valid 200 5m;
        proxy_cache_valid 404 1m;
        proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
        proxy_cache_background_update on;
        proxy_cache_lock on;
        
        # Show cache status in response header
        add_header X-Cache-Status $upstream_cache_status;
        
        # Bypass cache for authenticated requests
        proxy_cache_bypass $http_authorization;
        proxy_no_cache $http_authorization;
    }

    location /api/stats {
        proxy_pass http://hfviz_backend;
        
        proxy_cache hfviz_cache;
        proxy_cache_valid 200 10m;
        add_header X-Cache-Status $upstream_cache_status;
    }

    # No caching for search/dynamic endpoints
    location /api/search {
        proxy_pass http://hfviz_backend;
        proxy_cache off;
    }

    location /api/model/ {
        proxy_pass http://hfviz_backend;
        
        # Light caching for model details
        proxy_cache hfviz_cache;
        proxy_cache_valid 200 10m;
        add_header X-Cache-Status $upstream_cache_status;
    }

    # No caching for write operations
    location ~ ^/api/.*/record$ {
        proxy_pass http://hfviz_backend;
        proxy_cache off;
    }

    # Default proxy for all other API endpoints
    location /api/ {
        proxy_pass http://hfviz_backend;
        
        # Timeouts for slow operations
        proxy_connect_timeout 60s;
        proxy_send_timeout 60s;
        proxy_read_timeout 60s;
    }

    # Health check endpoint
    location /health {
        proxy_pass http://hfviz_backend/;
        access_log off;
    }

    # API docs
    location /docs {
        proxy_pass http://hfviz_backend/docs;
    }

    # Cache purge endpoint (restrict to localhost)
    location /purge {
        allow 127.0.0.1;
        deny all;
        proxy_cache_purge hfviz_cache "$request_method$request_uri";
    }
}

# SSL configuration (if using HTTPS)
# server {
#     listen 443 ssl http2;
#     listen [::]:443 ssl http2;
#     server_name api.hfviz.example.com;
#
#     ssl_certificate /path/to/cert.pem;
#     ssl_certificate_key /path/to/key.pem;
#     ssl_protocols TLSv1.2 TLSv1.3;
#     ssl_ciphers HIGH:!aNULL:!MD5;
#     
#     # ... (same location blocks as above)
# }