liberty-hu/dist/nginx.conf

49 lines
1.5 KiB
Nginx Configuration File

proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=STATIC:10m inactive=24h max_size=1g;
server {
server_name {SERVER};
location ~* \.(ico|css|js)$ {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
expires 1d;
access_log off;
add_header Pragma public;
add_header Cache-Control "public, max-age=86400";
}
location / {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering on;
proxy_cache STATIC;
proxy_cache_valid 200 6h;
add_header X-Cached $upstream_cache_status;
add_header 'Access-Control-Allow-Origin' '*';
}
location = /robots.txt {
add_header Content-Type text/plain;
return 200 "User-agent: *\nDisallow: /\n";
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/{SERVER}/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/{SERVER}/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
listen 80;
server_name {SERVER};
if ($host = {SERVER}) {
return 301 https://$host$request_uri;
} # managed by Certbot
}