Files
console/docker/nginx.conf
T
2024-10-18 15:07:41 +02:00

43 lines
1.7 KiB
Nginx Configuration File

map $sent_http_content_type $expires {
# cache everything for 1 year
default 1y;
# html files shouldn't be cached for single-page applications
text/html off;
}
server {
listen 80;
server_name localhost;
# serve compressed file if filename.gz exists
gzip_static on;
location /console {
root /usr/share/nginx/html;
index index.html index.htm;
try_files $uri /console/index.html;
# Add cache headers
expires $expires;
add_header Pragma public;
add_header Cache-Control "public";
# Deny IE browsers from going into quirks mode
add_header X-UA-Compatible "IE=Edge";
# X-Frame-Options is to prevent from clickJacking attack
add_header X-Frame-Options SAMEORIGIN;
# This header enables the Cross-site scripting (XSS) filter
add_header X-XSS-Protection "1; mode=block;";
# disable content-type sniffing on some browsers.
add_header X-Content-Type-Options nosniff;
# enable HSTS
add_header Strict-Transport-Security 'max-age=63072000; includeSubDomains; preload';
# enable CSP
add_header Content-Security-Policy "default-src 'self'; script-src 'report-sample' 'self' https://js.stripe.com/v3; style-src 'report-sample' 'self'; object-src 'none'; base-uri 'self'; connect-src 'self' https://growth.appwrite.io https://*.sentry.io https://plausible.io; font-src 'self' https://fonts.appwrite.io; frame-src 'self' https://js.stripe.com; img-src 'self'; manifest-src 'self'; media-src 'self'; worker-src 'self' blob:;";
}
location / {
absolute_redirect off;
return 301 /console;
}
}