Blocking pict-rs import location

This commit is contained in:
Dessalines 2020-06-12 17:05:19 -04:00
parent cddc23494d
commit f647f2ae6c
2 changed files with 8 additions and 43 deletions

View file

@ -48,8 +48,8 @@ server {
add_header X-Frame-Options "DENY";
add_header X-XSS-Protection "1; mode=block";
# Upload limit for pictshare
client_max_body_size 50M;
# Upload limit for pictrs
client_max_body_size 20M;
location / {
proxy_pass http://0.0.0.0:8536;
@ -70,12 +70,17 @@ server {
proxy_cache_min_uses 5;
}
location /pictrs/ {
location /pictrs/image/ {
proxy_pass http://0.0.0.0:8537/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# Block the import
location /pictrs/import {
return 403;
}
if ($request_uri ~ \.(?:ico|gif|jpe?g|png|webp|bmp|mp4)$) {
add_header Cache-Control "public, max-age=31536000, immutable";
}

40
docker/dev/nginx.conf vendored
View file

@ -1,40 +0,0 @@
events {
worker_connections 1024;
}
http {
server {
listen 8536;
server_name 127.0.0.1;
#access_log off;
# Upload limit for pictshare
client_max_body_size 50M;
location / {
proxy_pass http://lemmy:8536;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# WebSocket support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location /pictrs/ {
proxy_pass http://pictrs:8080/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /iframely/ {
proxy_pass http://iframely:80/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
}