edwin
/
nginxconfig
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Nginx Configuration
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7 Commits
1 Branch
0 Tags
328 KiB
 
Tag: Branch: Tree: 4d6eeab518
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '4d6eeab518'
${ noResults }
nginxconfig/sites-enabled/element

102 lines
3.7 KiB
Raw Blame History

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name element.thelyoncompany.com;
root /var/www/html/element;
index index.html;
ssl_certificate /etc/letsencrypt/live/thelyoncompany.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/thelyoncompany.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/thelyoncompany.com/fullchain.pem;
ssl_dhparam /etc/nginx/dhparam.pem;
#ssl_client_certificate /etc/nginx/ssl/cloudflare.crt;
#ssl_verify_client optional;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
add_header Cache-Control "no-transform";
add_header X-UA-Compatible "IE=Edge";
add_header X-Robots-Tag none;
add_header Referrer-Policy "no-referrer-when-downgrade";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
add_header Content-Security-Policy "upgrade-insecure-requests";
add_header Permissions-Policy "geolocation=(self);midi=();notifications=(self);push=(self);sync-xhr=(self);microphone=(self);camera=(self);magnetometer=();gyroscope=(self);speaker=(self);vibrate=(self);fullscreen=(self);payment=()";
charset utf-8;
charset_types text/css text/plain text/vnd.wap.wml text/javascript text/markdown text/calendar text/x-component text/vcard text/cache-manifest text/vtt application/json application/manifest+json;
location = /index.html {
add_header Cache-Control "no-cache";
}
location = /version {
add_header Cache-Control "no-cache";
}
# covers config.json and config.hostname.json requests as it is prefix.
location /config {
add_header Cache-Control "no-cache";
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
if ($http_referer ~ "semalt\.com|badsite\.net|example\.com") {
return 444;
}
location / {
try_files $uri $uri/index.html =404;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
log_not_found off;
access_log off;
}
location ~* \.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv)$ {
expires 7d;
access_log off;
}
location ~* \.(?:svgz?|ttf|ttc|otf|eot|woff2?)$ {
add_header Access-Control-Allow-Origin "*";
add_header Timing-Allow-Origin "*";
expires 7d;
access_log off;
}
location ~* .(zip|gz|gzip|bz2|csv|xml|json|html)$ {
expires off;
add_header X-Frame-Options "SAMEORIGIN";
add_header Cache-Control "no-store";
}
location ^~ /static/ {
expires 1M;
add_header X-Frame-Options "SAMEORIGIN";
add_header Cache-Control "public";
}
location ^~ /media/ {
expires 1M;
add_header X-Frame-Options "SAMEORIGIN";
add_header Cache-Control "public";
}
location ^~ /i18n/ {
expires off;
add_header X-Frame-Options "SAMEORIGIN";
add_header Cache-Control "no-store";
}
}