-
Notifications
You must be signed in to change notification settings - Fork 0
/
nginx.conf
110 lines (89 loc) · 2.71 KB
/
nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
load_module modules/ngx_http_brotli_static_module.so;
user nginx;
worker_processes auto;
error_log /dev/stderr notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
brotli_static on;
gzip_static on;
log_format main
'access: [$time_local] ip=$remote_addr r="$request" '
's=$status b=$body_bytes_sent ref="$http_referer" ua="$http_user_agent" '
'ae="$http_accept_encoding" '
'rt=$request_time rl=$request_length '
'rid=$request_id cfr="$http_cf_ray" cfc="$http_cf_ipcountry"';
access_log /dev/stdout main;
include mime.types;
default_type application/octet-stream;
types {
# Amend the mime.types
application/manifest+json webmanifest;
# application/javascript is obsolete, see https://www.rfc-editor.org/rfc/rfc9239. This has
# not yet been updated by nginx, see https://trac.nginx.org/nginx/ticket/1407.
text/javascript js;
}
sendfile on;
server_tokens off;
absolute_redirect off; # Required to prevent rewrite redirects from losing the port
server {
listen 80;
listen [::]:80;
server_name _;
client_max_body_size 1M;
root /usr/share/nginx/html;
index index.html;
rewrite ^/(.*)/$ /$1 permanent; # Redirect to non-trailing slash
error_page 404 /index.html;
location = / {
rewrite index.html last;
}
location / {
add_header Cache-Control "no-cache";
add_header Referrer-Policy "same-origin";
add_header Strict-Transport-Security "max-age=63072000";
add_header X-Content-Type-Options "nosniff";
add_header X-XSS-Protection "1; mode=block";
try_files $uri $uri.html =404;
}
location /_app/immutable {
add_header Cache-Control "public, max-age=31536000, immutable";
}
location /gameicons {
add_header Cache-Control "public, max-age=604800";
}
location = /readyz {
default_type text/plain;
return 200 'ready';
}
location ~ /__data\.json$ {
# Prevents headers from / being added unnecessarily
add_header Cache-Control "no-cache";
}
location ~ \.html$ {
# location executed for: /, /Items.html
if ($request_uri ~ "^/(\?|$)") {
# Headers need to be repeated when / is fetched
add_header Cache-Control "no-cache";
add_header Referrer-Policy "same-origin";
add_header Strict-Transport-Security "max-age=63072000";
add_header X-Content-Type-Options "nosniff";
add_header X-XSS-Protection "1; mode=block";
}
if ($request_uri ~ "^/index.html(\?|$)") {
# Prevent serving duplicate content, do not serve /index.html.
return 301 /;
}
if ($request_uri ~ "\.html(\?|$)") {
# Prevent serving the same content twice. Make the non .html the canonical.
rewrite (.+)\.html$ $1 permanent;
}
}
location ~ \.(br|gz)$ {
# Do not serve the precompressed assets
return 404;
}
}
}