85 lines
No EOL
2.6 KiB
Text
85 lines
No EOL
2.6 KiB
Text
server {
|
|
server_name docfast.dev www.docfast.dev;
|
|
|
|
client_max_body_size 10m;
|
|
|
|
# Enable gzip compression
|
|
gzip on;
|
|
gzip_vary on;
|
|
gzip_min_length 1024;
|
|
gzip_types
|
|
text/plain
|
|
text/css
|
|
application/json
|
|
application/javascript
|
|
text/xml
|
|
application/xml
|
|
application/xml+rss
|
|
text/javascript;
|
|
|
|
# Specific locations for robots.txt and sitemap.xml with caching
|
|
location = /robots.txt {
|
|
proxy_pass http://127.0.0.1:3100;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# Cache for 1 day
|
|
expires 1d;
|
|
add_header Cache-Control "public, max-age=86400";
|
|
}
|
|
|
|
location = /sitemap.xml {
|
|
proxy_pass http://127.0.0.1:3100;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# Cache for 1 day
|
|
expires 1d;
|
|
add_header Cache-Control "public, max-age=86400";
|
|
}
|
|
|
|
# Static assets caching
|
|
location ~* \.(css|js|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
|
|
proxy_pass http://127.0.0.1:3100;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# Cache static assets for 1 week
|
|
expires 7d;
|
|
add_header Cache-Control "public, max-age=604800, immutable";
|
|
}
|
|
|
|
# All other requests
|
|
location / {
|
|
proxy_pass http://127.0.0.1:3100;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_read_timeout 60s;
|
|
|
|
# Security headers
|
|
}
|
|
|
|
listen 443 ssl; # managed by Certbot
|
|
ssl_certificate /etc/letsencrypt/live/docfast.dev/fullchain.pem; # managed by Certbot
|
|
ssl_certificate_key /etc/letsencrypt/live/docfast.dev/privkey.pem; # managed by Certbot
|
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
}
|
|
|
|
server {
|
|
if ($host = docfast.dev) {
|
|
return 301 https://$host$request_uri;
|
|
} # managed by Certbot
|
|
|
|
listen 80;
|
|
server_name docfast.dev www.docfast.dev;
|
|
return 404; # managed by Certbot
|
|
} |