nginx-web.conf.erb 2.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172
  1. worker_processes 1;
  2. daemon off;
  3. events {
  4. worker_connections 1024;
  5. }
  6. http {
  7. include /data/etc/nginx/mime.types;
  8. sendfile on;
  9. gzip on;
  10. gzip_http_version 1.0;
  11. gzip_proxied any;
  12. gzip_min_length 500;
  13. gzip_disable "MSIE [1-6]\.";
  14. gzip_types text/plain text/xml text/javascript text/css text/comma-separated-values application/xml+rss application/xml application/x-javascript application/json application/javascript application/atom+xml;
  15. # Proxy upstream to the puma process
  16. upstream rails {
  17. server 127.0.0.1:3000;
  18. }
  19. map $http_upgrade $connection_upgrade {
  20. default upgrade;
  21. '' close;
  22. }
  23. # Configuration for Nginx
  24. server {
  25. # Listen on port 8080
  26. listen 8080;
  27. add_header Strict-Transport-Security "max-age=31536000";
  28. add_header Content-Security-Policy "style-src 'self' 'unsafe-inline'; script-src 'self'; object-src 'self'; img-src data: https:; media-src data: https:; connect-src 'self' wss://<%= ENV["LOCAL_DOMAIN"] %>; upgrade-insecure-requests";
  29. root /app/public;
  30. client_max_body_size 8M;
  31. location / {
  32. try_files $uri @rails;
  33. }
  34. location /sw.js {
  35. add_header Cache-Control "public, max-age=0";
  36. try_files $uri @rails;
  37. }
  38. location ~ ^/(emoji|packs|system/media_attachments/files|system/accounts/avatars) {
  39. add_header Cache-Control "public, max-age=31536000, immutable";
  40. try_files $uri @rails;
  41. }
  42. # Proxy connections to rails
  43. location @rails {
  44. proxy_set_header Host $host;
  45. proxy_pass_header Server;
  46. proxy_pass http://rails;
  47. proxy_buffering off;
  48. proxy_redirect off;
  49. proxy_http_version 1.1;
  50. proxy_set_header Upgrade $http_upgrade;
  51. proxy_set_header Connection $connection_upgrade;
  52. tcp_nodelay on;
  53. }
  54. }
  55. error_page 500 501 502 503 504 /500.html;
  56. }