Hugging Face's logo

Spaces:
midah
/
hf-viz
Sleeping

App Files Community
hf-viz / deploy /nginx.conf
midah's picture
midah
Refactor UI: Stack Sans font, remove rounded corners, consolidate navigation
637183f
raw
history blame
4.35 kB
# Nginx reverse proxy configuration for HF Viz
# Provides caching, compression, and load balancing
upstream hfviz_backend {
 server localhost:8000;
 # Add more backend servers for load balancing
 # server localhost:8001;
 # server localhost:8002;
 keepalive 32;
}
# Cache configuration
proxy_cache_path /var/cache/nginx/hfviz
 levels=1:2
 keys_zone=hfviz_cache:100m
 max_size=10g
 inactive=60m
 use_temp_path=off;
server {
 listen 80;
 listen [::]:80;
 server_name api.hfviz.example.com; # Change to your domain
# Gzip compression
 gzip on;
 gzip_vary on;
 gzip_min_length 1000;
 gzip_types
 text/plain
 text/css
 text/xml
 text/javascript
 application/json
 application/javascript
 application/xml+rss
 application/msgpack;
# Security headers
 add_header X-Content-Type-Options "nosniff" always;
 add_header X-Frame-Options "SAMEORIGIN" always;
 add_header X-XSS-Protection "1; mode=block" always;
# CORS headers (if needed)
 add_header Access-Control-Allow-Origin "*" always;
 add_header Access-Control-Allow-Methods "GET, POST, OPTIONS" always;
 add_header Access-Control-Allow-Headers "Origin, Content-Type, Accept, Authorization" always;
 add_header Access-Control-Expose-Headers "Cache-Control, Content-Type" always;
# Handle preflight requests
 if ($request_method = OPTIONS) {
 return 204;
 }
# Proxy settings
 proxy_http_version 1.1;
 proxy_set_header Upgrade $http_upgrade;
 proxy_set_header Connection "upgrade";
 proxy_set_header Host $host;
 proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_set_header X-Forwarded-Proto $scheme;
# Cache static API responses (GET only)
 location /api/models {
 proxy_pass http://hfviz_backend;
# Enable caching for this endpoint
 proxy_cache hfviz_cache;
 proxy_cache_key "$request_method$request_uri";
 proxy_cache_valid 200 5m;
 proxy_cache_valid 404 1m;
 proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
 proxy_cache_background_update on;
 proxy_cache_lock on;
# Show cache status in response header
 add_header X-Cache-Status $upstream_cache_status;
# Bypass cache for authenticated requests
 proxy_cache_bypass $http_authorization;
 proxy_no_cache $http_authorization;
 }
location /api/stats {
 proxy_pass http://hfviz_backend;
proxy_cache hfviz_cache;
 proxy_cache_valid 200 10m;
 add_header X-Cache-Status $upstream_cache_status;
 }
# No caching for search/dynamic endpoints
 location /api/search {
 proxy_pass http://hfviz_backend;
 proxy_cache off;
 }
location /api/model/ {
 proxy_pass http://hfviz_backend;
# Light caching for model details
 proxy_cache hfviz_cache;
 proxy_cache_valid 200 10m;
 add_header X-Cache-Status $upstream_cache_status;
 }
# No caching for write operations
 location ~ ^/api/.*/record$ {
 proxy_pass http://hfviz_backend;
 proxy_cache off;
 }
# Default proxy for all other API endpoints
 location /api/ {
 proxy_pass http://hfviz_backend;
# Timeouts for slow operations
 proxy_connect_timeout 60s;
 proxy_send_timeout 60s;
 proxy_read_timeout 60s;
 }
# Health check endpoint
 location /health {
 proxy_pass http://hfviz_backend/;
 access_log off;
 }
# API docs
 location /docs {
 proxy_pass http://hfviz_backend/docs;
 }
# Cache purge endpoint (restrict to localhost)
 location /purge {
 allow 127.0.0.1;
 deny all;
 proxy_cache_purge hfviz_cache "$request_method$request_uri";
 }
}
# SSL configuration (if using HTTPS)
# server {
# listen 443 ssl http2;
# listen [::]:443 ssl http2;
# server_name api.hfviz.example.com;
#
# ssl_certificate /path/to/cert.pem;
# ssl_certificate_key /path/to/key.pem;
# ssl_protocols TLSv1.2 TLSv1.3;
# ssl_ciphers HIGH:!aNULL:!MD5;
#
# # ... (same location blocks as above)
# }