Home Explore Help
Sign In
RISCI_ATOM
/
mastodon
mirror of https://github.com/tootsuite/mastodon.git
1
0
Fork 0
Files Issues 8 Wiki
Tree: e014bf8ed0
Branches Tags
mastodon
/
nanobox
/
nginx-web.conf.erb

nginx-web.conf.erb 1.8 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465 
  1. worker_processes 1;
    2. 

  2. daemon off;
    3. 

  3. 

  4. events {
    5. 

  5.     worker_connections 1024;
    6. 

  6. }
    7. 

  7. 

  8. http {
    9. 

  9.     include /data/etc/nginx/mime.types;
    10. 

  10.     sendfile on;
    11. 

  11. 

  12.     gzip on;
    13. 

  13.     gzip_http_version 1.0;
    14. 

  14.     gzip_proxied any;
    15. 

  15.     gzip_min_length 500;
    16. 

  16.     gzip_disable "MSIE [1-6]\.";
    17. 

  17.     gzip_types text/plain text/xml text/javascript text/css text/comma-separated-values application/xml+rss application/xml application/x-javascript application/json application/javascript application/atom+xml;
    18. 

  18. 

  19.     # Proxy upstream to the puma process
    20. 

  20.     upstream rails {
    21. 

  21.         server 127.0.0.1:3000;
    22. 

  22.     }
    23. 

  23. 

  24.     map $http_upgrade $connection_upgrade {
    25. 

  25.       default upgrade;
    26. 

  26.       ''      close;
    27. 

  27.     }
    28. 

  28. 

  29.     # Configuration for Nginx
    30. 

  30.     server {
    31. 

  31.         # Listen on port 8080
    32. 

  32.         listen 8080;
    33. 

  33. 

  34.         add_header Strict-Transport-Security "max-age=31536000";
    35. 

  35.         add_header Content-Security-Policy "style-src 'self' 'unsafe-inline'; script-src 'self'; object-src 'self'; img-src data: https:; media-src data: https:; connect-src 'self' wss://<%= ENV["LOCAL_DOMAIN"] %>; upgrade-insecure-requests";
    36. 

  36. 

  37.         root /app/public;
    38. 

  38. 

  39.         location / {
    40. 

  40.             try_files $uri @rails;
    41. 

  41.         }
    42. 

  42. 

  43.         location ~ ^/(assets|system/media_attachments/files|system/accounts/avatars) {
    44. 

  44.             add_header Cache-Control "public, max-age=31536000, immutable";
    45. 

  45.             try_files $uri @rails;
    46. 

  46.         }
    47. 

  47. 

  48.         # Proxy connections to rails
    49. 

  49.         location @rails {
    50. 

  50.             proxy_set_header Host $host;
    51. 

  51.             proxy_pass_header Server;
    52. 

  52. 

  53.             proxy_pass http://rails;
    54. 

  54.             proxy_buffering off;
    55. 

  55.             proxy_redirect off;
    56. 

  56.             proxy_http_version 1.1;
    57. 

  57.             proxy_set_header Upgrade $http_upgrade;
    58. 

  58.             proxy_set_header Connection $connection_upgrade;
    59. 

  59. 

  60.             tcp_nodelay on;
    61. 

  61.         }
    62. 

  62.     }
    63. 

  63. 

  64.     error_page 500 501 502 503 504 /500.html;
    65. 

  65. }
    66.