Fool-Stack/Kanban-Front
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7346073d629f913e56846cf53453e02871346d6f
Kanban-Front/docker/nginx/default.conf.template
Vladiysss 31c2764936 Init
2026-04-18 14:55:18 +03:00

84 lines
2.2 KiB
Plaintext
Raw Blame History

map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
server_name _;
root /usr/share/nginx/html;
index index.html;
# Security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header X-XSS-Protection "1; mode=block" always;
# Gzip
gzip on;
gzip_vary on;
gzip_min_length 1024;
gzip_comp_level 6;
gzip_types
text/plain
text/css
text/javascript
application/javascript
application/json
application/xml
image/svg+xml
font/ttf
font/otf
font/woff
font/woff2;
# SPA fallback
location / {
try_files $uri $uri/ /index.html;
}
# Hashed static assets — агрессивный кэш
location /static/ {
expires 1y;
access_log off;
add_header Cache-Control "public, immutable";
try_files $uri =404;
}
# HTML не кэшируется (чтобы обновления прилетали сразу)
location = /index.html {
add_header Cache-Control "no-store, no-cache, must-revalidate" always;
expires -1;
}
# API + WebSocket → backend
location /api/ {
proxy_pass ${BACKEND_URL};
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_connect_timeout 10s;
proxy_read_timeout 300s;
proxy_send_timeout 300s;
}
# Загруженные аватары → backend
location /static/avatars/ {
proxy_pass ${BACKEND_URL};
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
error_page 404 /index.html;
}
Reference in New Issue View Git Blame Copy Permalink