mirror of https://gitgud.io/fatchan/jschan.git
parent
48af8e8b90
commit
b6a8703621
5 changed files with 141 additions and 11 deletions
@ -0,0 +1,122 @@ |
||||
upstream chan { |
||||
server localhost:7000; |
||||
} |
||||
|
||||
server { |
||||
|
||||
server_name domain.com www.domain.com; |
||||
server_tokens off; |
||||
error_page 404 = /path/to/jschan/static/html/404.html; |
||||
|
||||
add_header Cache-Control "public"; |
||||
add_header Content-Security-Policy "default-src 'self'; img-src 'self'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'"; |
||||
add_header Referrer-Policy "same-origin" always; |
||||
add_header X-Frame-Options "sameorigin" always; |
||||
add_header X-Content-Type-Options "nosniff" always; |
||||
add_header X-XSS-Protection "1; mode=block" always; |
||||
|
||||
if ($request_uri ~ ^/(?!captcha|randombanner|forms|logout|socket\.io)) { |
||||
rewrite ^([^.\?]*[^/])$ $1/ redirect; |
||||
rewrite ^(.+)/$ $1/index.html redirect; |
||||
} |
||||
|
||||
location = /robots.txt { |
||||
access_log off; |
||||
add_header Content-Type text/plain; |
||||
return 200 "User-agent: *\nDisallow:\n"; |
||||
} |
||||
|
||||
location = /favicon.ico { |
||||
access_log off; |
||||
expires max; |
||||
root /path/to/jschan/static/img; |
||||
try_files $uri =404; |
||||
} |
||||
|
||||
location = / { |
||||
return 302 http://$host/index.html; |
||||
} |
||||
|
||||
location /captcha { |
||||
access_log off; |
||||
root /path/to/jschan/static/captcha; |
||||
if ($cookie_captchaid) { |
||||
return 302 http://$host/captcha/$cookie_captchaid.jpg; |
||||
} |
||||
try_files /$cookie_captchaid.jpg @backend; |
||||
} |
||||
|
||||
location / { |
||||
proxy_buffering off; |
||||
proxy_pass http://chan$request_uri; |
||||
proxy_http_version 1.1; |
||||
|
||||
#websocket |
||||
proxy_set_header Host $host; |
||||
proxy_set_header Upgrade $http_upgrade; |
||||
proxy_set_header Connection 'upgrade'; |
||||
proxy_cache_bypass $http_upgrade; |
||||
|
||||
proxy_set_header X-Forwarded-Proto http; |
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
||||
proxy_set_header X-Real-IP $remote_addr; |
||||
proxy_set_header X-Country-Code $geoip_country_code; |
||||
proxy_set_header X-Country-Name $geoip_country_name; |
||||
} |
||||
|
||||
location @backend { |
||||
proxy_buffering off; |
||||
proxy_pass http://chan$request_uri; |
||||
proxy_http_version 1.1; |
||||
proxy_set_header X-Forwarded-Proto http; |
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
||||
proxy_set_header X-Real-IP $remote_addr; |
||||
proxy_set_header X-Country-Code $geoip_country_code; |
||||
proxy_set_header X-Country-Name $geoip_city_country_name; |
||||
proxy_set_header Connection ''; |
||||
proxy_set_header Host $host; |
||||
} |
||||
|
||||
# HTML |
||||
location ~* \.html$ { |
||||
expires 0; |
||||
root /path/to/jschan/static/html; |
||||
try_files $uri @backend; |
||||
} |
||||
|
||||
# JSON |
||||
location ~* \.json$ { |
||||
expires 0; |
||||
root /path/to/jschan/static/json; |
||||
try_files $uri =404; |
||||
#json doesnt hit backend if it doesnt exist yet. |
||||
} |
||||
|
||||
# CSS |
||||
location ~* \.css$ { |
||||
access_log off; |
||||
expires 1d; |
||||
root /path/to/jschan/static; |
||||
try_files $uri =404; |
||||
} |
||||
|
||||
# Scripts |
||||
location ~* \.js$ { |
||||
expires 1d; |
||||
access_log off; |
||||
root /path/to/jschan/static; |
||||
try_files $uri =404; |
||||
} |
||||
|
||||
# Images |
||||
location ~* \.(png|jpg|jpeg|gif|mp4|webm|mov|svg)$ { |
||||
access_log off; |
||||
expires max; |
||||
root /path/to/jschan/static; |
||||
try_files $uri =404; |
||||
} |
||||
|
||||
listen 80; |
||||
listen [::]:80; |
||||
|
||||
} |
Loading…
Reference in new issue