54 lines
1.3 KiB
Plaintext
54 lines
1.3 KiB
Plaintext
map $uri $static_file {
|
|
~*\.(?:css|js|mjs|png|jpg|jpeg|gif|svg|ico|webp|woff2?)$ 1;
|
|
default 0;
|
|
}
|
|
|
|
server {
|
|
listen 80 default_server;
|
|
server_tokens off;
|
|
etag off;
|
|
|
|
client_max_body_size 100M;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Forwarded-Host $host;
|
|
proxy_hide_header Etag;
|
|
proxy_hide_header strict-transport-security;
|
|
|
|
proxy_connect_timeout 10s;
|
|
proxy_send_timeout 30s;
|
|
proxy_read_timeout 60s;
|
|
|
|
location /api/ {
|
|
proxy_pass http://api:4000/api/;
|
|
add_header Cache-Control "no-store, no-cache" always;
|
|
}
|
|
|
|
location /uploads/ {
|
|
alias /srv/uploads/;
|
|
access_log off;
|
|
expires 30d;
|
|
add_header Cache-Control "public, max-age=86400, immutable" always;
|
|
try_files $uri =404;
|
|
}
|
|
|
|
location / {
|
|
proxy_pass http://web:80/;
|
|
|
|
add_header X-Frame-Options SAMEORIGIN;
|
|
add_header X-Content-Type-Options nosniff;
|
|
add_header X-XSS-Protection "1; mode=block";
|
|
|
|
if ($static_file) {
|
|
add_header Cache-Control "public, max-age=31536000, immutable" always;
|
|
}
|
|
|
|
add_header Cache-Control "no-store, no-cache" always;
|
|
}
|
|
|
|
}
|