monarch-pass/etc
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
etc/nginx/sites-available/social.conf
Adrian Malacoda a0f7e80abd Iniital commit
2018-11-22 16:19:07 -06:00

76 lines
2.5 KiB
Plaintext
Raw Blame History

server {
listen 80;
listen [::]:80;
server_name social.monarch-pass.net;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name social.monarch-pass.net;
access_log /var/log/nginx/social.monarch-pass.net/access.log;
error_log /var/log/nginx/social.monarch-pass.net/error.log;
#location /.well-known/ {
# root /var/www/html/;
# try_files $uri $uri/ =404;
#}
location /.well-known/acme-challenge/ {
root /var/www/html/;
try_files $uri $uri/ =404;
}
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/activity+json application/atom+xml;
# the nginx default is 1m, not enough for large media uploads
client_max_body_size 16m;
location / {
# if you do not want remote frontends to be able to access your Pleroma backend
# server, remove these lines.
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Allow-Methods' 'POST, PUT, DELETE, GET, PATCH, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type, Idempotency-Key' always;
add_header 'Access-Control-Expose-Headers' 'Link, X-RateLimit-Reset, X-RateLimit-Limit, X-RateLimit-Remaining, X-Request-Id' always;
if ($request_method = OPTIONS) {
return 204;
}
# stop removing lines here.
add_header X-XSS-Protection "1; mode=block";
add_header X-Permitted-Cross-Domain-Policies none;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header Referrer-Policy same-origin;
add_header X-Download-Options noopen;
# Uncomment this only after you get HTTPS working.
# add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:8012;
client_max_body_size 16m;
}
# location /proxy {
# proxy_cache pleroma_media_cache;
# proxy_cache_lock on;
# proxy_ignore_client_abort on;
# proxy_pass http://127.0.0.1:8012;
# }
}
Reference in New Issue View Git Blame Copy Permalink