Docker/AdventureLog
Docker/AdventureLog
1
0
Fork 0
mirror of https://github.com/seanmorley15/AdventureLog.git synced 2025-07-19 04:49:37 +02:00
Code Issues Releases Activity

refactor: improve formatting and organization in nginx configuration

Browse source
This commit is contained in:
Sean Morley 2025-05-31 21:54:45 -04:00
parent b50447b1a2
commit c159e176b3
1 changed files with 14 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

33
backend/nginx.conf
View file

@ -1,26 +1,22 @@
worker_processes 1; worker_processes 1;
events { events {
worker_connections 1024; worker_connections 1024;
} }
http { http {
include /etc/nginx/mime.types; include /etc/nginx/mime.types;
default_type application/octet-stream; default_type application/octet-stream;
sendfile on; sendfile on;
keepalive_timeout 65; keepalive_timeout 65;
client_max_body_size 100M; client_max_body_size 100M;
upstream django { upstream django {
server 127.0.0.1:8000; server 127.0.0.1:8000;
} }
server { server {
listen 80; listen 80;
server_name localhost; server_name localhost;
location / { location / {
proxy_pass http://django; proxy_pass http://django;
proxy_set_header Host $host; proxy_set_header Host $host;
@ -28,28 +24,27 @@ http {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
} }
location /static/ { location /static/ {
alias /code/staticfiles/; alias /code/staticfiles/;
} }
# Internal redirect path for protected media # Special handling for PDF files with CSP headers
location /protectedMedia/ {
internal;
alias /code/media/;
try_files $uri =404;
}
# Special headers for PDF responses under /protectedMedia/
location ~ ^/protectedMedia/.*\.pdf$ { location ~ ^/protectedMedia/.*\.pdf$ {
internal; internal;
alias /code/media/; alias /code/media/;
try_files $uri =404; try_files $uri =404;
add_header Content-Security-Policy "default-src 'self'; script-src 'none'; object-src 'none'; base-uri 'none'" always; add_header Content-Security-Policy "default-src 'self'; script-src 'none'; object-src 'none'; base-uri 'none'" always;
add_header X-Content-Type-Options nosniff always; add_header X-Content-Type-Options nosniff always;
add_header X-Frame-Options SAMEORIGIN always; add_header X-Frame-Options SAMEORIGIN always;
add_header Content-Disposition "inline" always; add_header Content-Disposition "inline" always;
} }
# General protected media files (non-PDF)
location /protectedMedia/ {
internal;
alias /code/media/;
try_files $uri =404;
}
} }
} }