hamlab/mobilizon-frontend
2
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Introduce support for custom nginx error pages

Browse Source 
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
Thomas Citharel
2020-10-09 12:17:33 +02:00
parent 3a3a500e42
commit 07a5d10421
31 changed files with 476 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
support/nginx/mobilizon.conf
View File

@@ -35,13 +35,14 @@ server {
# ssl_certificate_key /etc/letsencrypt/live/example.tld/privkey.pem;
# Add TLSv1.3 if it's supported by your system
ssl_protocols TLSv1.2;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA';
ssl_prefer_server_ciphers on;
ssl_ecdh_curve prime256v1;
# ssl_ecdh_curve X25519:prime256v1:secp384r1:secp521r1;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security "max-age=31536000";
gzip on;
gzip_disable "msie6";
@@ -55,6 +56,18 @@ server {
# the nginx default is 1m, not enough for large media uploads
client_max_body_size 16m;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
location / {
try_files $uri @proxy;
}
# Let's Encrypt keeps its files here
location ^~ '/.well-known/acme-challenge' {
root /var/www/certbot;
@@ -62,29 +75,27 @@ server {
}
location / {
gzip off;
proxy_http_version 1.1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# For Websocket support
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://localhost:4000;
client_max_body_size 16m;
}
location ~* \.(css|js)$ {
location ~ ^/(js|css) {
root /home/mobilizon/live/priv/static;
etag off;
expires 1y;
access_log off;
add_header Cache-Control public;
add_header Cache-Control "public, max-age=31536000, immutable";
}
location ~ ^/(media|proxy) {
etag off;
access_log off;
add_header Cache-Control "public, max-age=31536000, immutable";
proxy_pass http://localhost:4000;
}
error_page 500 501 502 503 504 @error;
location @error {
root /home/tcit/dev/frama/mobilizon/priv/errors;
try_files /error.html 502;
}
}