mirror of
https://github.com/LemmyNet/lemmy.git
synced 2024-11-25 22:01:19 +00:00
Add a sample nginx.conf .
This commit is contained in:
parent
ed2744201b
commit
43d64fda20
1 changed files with 120 additions and 0 deletions
120
docker/dev/nginx.conf
Normal file
120
docker/dev/nginx.conf
Normal file
|
@ -0,0 +1,120 @@
|
|||
worker_processes 1;
|
||||
events {
|
||||
worker_connections 1024;
|
||||
}
|
||||
http {
|
||||
proxy_cache_path /var/cache/lemmy_frontend levels=1:2 keys_zone=lemmy_frontend_cache:10m max_size=100m use_temp_path=off;
|
||||
include mime.types;
|
||||
default_type application/octet-stream;
|
||||
|
||||
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
||||
# '$status $body_bytes_sent "$http_referer" '
|
||||
# '"$http_user_agent" "$http_x_forwarded_for"';
|
||||
|
||||
#access_log logs/access.log main;
|
||||
|
||||
sendfile on;
|
||||
#tcp_nopush on;
|
||||
|
||||
#keepalive_timeout 0;
|
||||
keepalive_timeout 65;
|
||||
|
||||
#gzip on;
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
server_name localhost;
|
||||
|
||||
#charset koi8-r;
|
||||
|
||||
#access_log logs/host.access.log main;
|
||||
|
||||
location / {
|
||||
root /usr/share/nginx/html;
|
||||
index index.html index.htm;
|
||||
}
|
||||
|
||||
#error_page 404 /404.html;
|
||||
|
||||
# redirect server error pages to the static page /50x.html
|
||||
#
|
||||
error_page 500 502 503 504 /50x.html;
|
||||
location = /50x.html {
|
||||
root /usr/share/nginx/html;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 8535;
|
||||
server_name localhost;
|
||||
|
||||
|
||||
|
||||
# Enable compression for JS/CSS/HTML bundle, for improved client load times.
|
||||
# It might be nice to compress JSON, but leaving that out to protect against potential
|
||||
# compression+encryption information leak attacks like BREACH.
|
||||
gzip on;
|
||||
gzip_types text/css application/javascript;
|
||||
gzip_vary on;
|
||||
|
||||
# Only connect to this site via HTTPS for the two years
|
||||
add_header Strict-Transport-Security "max-age=63072000";
|
||||
|
||||
# Various content security headers
|
||||
add_header Referrer-Policy "same-origin";
|
||||
add_header X-Content-Type-Options "nosniff";
|
||||
add_header X-Frame-Options "DENY";
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
|
||||
# Upload limit for pictrs
|
||||
# client_max_body_size 50M;
|
||||
|
||||
# frontend
|
||||
location / {
|
||||
# The default ports:
|
||||
# lemmy_port: 8536
|
||||
# lemmy_ui_port: 1235
|
||||
# Use :1234 if you want to develop locally, using yarn start in the lemmy-ui folder
|
||||
|
||||
set $proxpass "http://0.0.0.0:1235";
|
||||
if ($http_accept = "application/activity+json") {
|
||||
set $proxpass "http://0.0.0.0:8536";
|
||||
}
|
||||
if ($http_accept = "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"") {
|
||||
set $proxpass "http://0.0.0.0:8536";
|
||||
}
|
||||
if ($request_method = POST) {
|
||||
set $proxpass "http://0.0.0.0:8536";
|
||||
}
|
||||
proxy_pass $proxpass;
|
||||
|
||||
rewrite ^(.+)/+$ $1 permanent;
|
||||
|
||||
# Send actual client IP upstream
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
|
||||
# backend
|
||||
location ~ ^/(api|pictrs|feeds|nodeinfo|.well-known) {
|
||||
proxy_pass http://0.0.0.0:8536;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "upgrade";
|
||||
|
||||
# Rate limit
|
||||
# limit_req zone=lemmy_ratelimit burst=30 nodelay;
|
||||
|
||||
# Add IP forwarding headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
}
|
||||
|
||||
# Redirect pictshare images to pictrs
|
||||
location ~ /pictshare/(.*)$ {
|
||||
return 301 /pictrs/image/$1;
|
||||
}
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue