2019-09-04 20:50:53 +02:00
|
|
|
events {}
|
|
|
|
|
|
|
|
http {
|
2019-09-05 11:18:42 +02:00
|
|
|
gzip on;
|
|
|
|
gzip_comp_level 2;
|
|
|
|
gzip_min_length 1000;
|
|
|
|
gzip_proxied expired no-cache no-store private auth;
|
2019-09-04 20:50:53 +02:00
|
|
|
|
2019-09-05 11:18:42 +02:00
|
|
|
include mime.types;
|
2019-09-04 20:50:53 +02:00
|
|
|
upstream server {
|
|
|
|
server server:3000;
|
|
|
|
}
|
|
|
|
|
2019-09-12 16:35:24 +02:00
|
|
|
map $request_uri $expires {
|
|
|
|
default off;
|
|
|
|
"~-[0-9a-z]{10}\.js$" 365d;
|
|
|
|
"~*(woff|woff2|ttf|eot)$" 365d;
|
|
|
|
}
|
|
|
|
|
2019-09-12 20:46:01 +02:00
|
|
|
map $sent_http_content_type $csp {
|
|
|
|
default "";
|
|
|
|
"~^text/html" "default-src 'self'; style-src 'self' 'unsafe-inline'";
|
|
|
|
}
|
|
|
|
|
2019-09-04 20:50:53 +02:00
|
|
|
server {
|
|
|
|
listen 80;
|
|
|
|
autoindex on;
|
|
|
|
root /www/data;
|
2019-09-12 16:35:24 +02:00
|
|
|
expires $expires;
|
2019-09-12 20:46:01 +02:00
|
|
|
add_header Content-Security-Policy $csp;
|
2019-09-13 08:42:22 +02:00
|
|
|
add_header Strict-Transport-Security 'max-age=604800; includeSubDomains';
|
2019-09-26 16:55:57 +02:00
|
|
|
add_header Referrer-Policy 'origin-when-cross-origin';
|
|
|
|
add_header X-Content-Type-Options 'nosniff';
|
|
|
|
add_header X-XSS-Protection '1; mode=block';
|
2019-09-04 20:50:53 +02:00
|
|
|
|
|
|
|
location /api/ {
|
|
|
|
proxy_pass http://server;
|
|
|
|
proxy_redirect off;
|
|
|
|
rewrite ^/api(.*)$ $1 break;
|
2019-09-05 11:18:42 +02:00
|
|
|
proxy_hide_header Content-Type;
|
|
|
|
add_header Content-Type "application/json";
|
|
|
|
}
|
|
|
|
|
|
|
|
location /auditorium/ {
|
|
|
|
try_files $uri $uri/ /auditorium/index.html;
|
2019-09-04 20:50:53 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|