datacyber
/
www-ajsystem
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
www-ajsystem/scripts/virtualhost.template

103 lines
3.4 KiB
Plaintext
Raw Permalink Blame History

server {
listen 80;
#listen [::]:80;
server_name %SITE_DOMAINS%;
return 301 https://%SITE_NAME%request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
include snippets/self-signed.conf;
include snippets/ssl-params.conf;
server_name %SITE_DOMAINS%;
#resolver 8.8.8.8 8.8.4.4 valid=300s;
#resolver_timeout 5s;
#add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; ";
#ssl_dhparam /etc/ssl/certs/dhparam.pem;
# Add some protection headers for ClickJacking
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header 'Access-Control-Allow-Origin' '*';
# Configura http2
#http2_max_field_size 16k;
#http2_max_header_size 32k;
large_client_header_buffers 4 8k;
# Habilita compresion
gzip on;
gzip_comp_level 6;
gzip_vary on;
gzip_min_length 1000;
gzip_proxied any;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
gzip_buffers 16 8k;
# Remove server identifiers to help against enumeration
server_tokens off;
root /var/www/static/%SITE_NAME%;
try_files $uri $uri/ /index.html;
location ~ \.svgz$ {
add_header Content-Encoding gzip;
}
error_page 404 /errors/404.html;
location = /errors/404.html {
root /var/www/static/%SITE_NAME%/errors;
internal;
}
access_log /var/www/log/%SITE_NAME%/static.access.log;
error_log /var/www/log/%SITE_NAME%/static.error.log;
index index.html index.htm;
#location ~* ^.+.(htm|html|jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js)$ {
location ~* \.(jpg|jpeg|gif|css|png|js|ico|html)$ {
#access_log off;
expires max;
}
location ~* \.(json|html)$ {
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
#
# Om nom nom cookies
#
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
#
# Custom headers and headers various browsers *should* be OK with but aren't
#
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
#
# Tell client that this pre-flight info is valid for 20 days
#
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
if ($request_method = 'POST') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}
if ($request_method = 'GET') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
}
}
location ~ /\.ht {
deny all;
}
}
Reference in New Issue View Git Blame Copy Permalink