2021-08-03 19:04:45 +02:00
|
|
|
server {
|
2025-02-21 05:22:48 -03:00
|
|
|
listen 80;
|
|
|
|
|
listen [::]:80;
|
|
|
|
|
server_name cinny.domain.tld;
|
2021-08-03 19:04:45 +02:00
|
|
|
|
2025-02-21 05:22:48 -03:00
|
|
|
location / {
|
|
|
|
|
return 301 https://$host$request_uri;
|
|
|
|
|
}
|
2021-08-03 19:04:45 +02:00
|
|
|
|
2025-02-21 05:22:48 -03:00
|
|
|
location /.well-known/acme-challenge/ {
|
|
|
|
|
alias /var/lib/letsencrypt/.well-known/acme-challenge/;
|
|
|
|
|
}
|
2021-08-03 19:04:45 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
server {
|
2025-02-21 05:22:48 -03:00
|
|
|
listen 443 ssl http2;
|
|
|
|
|
listen [::]:443 ssl;
|
|
|
|
|
server_name cinny.domain.tld;
|
2021-08-03 19:04:45 +02:00
|
|
|
|
2026-07-02 14:41:08 -04:00
|
|
|
# Security headers (generic; add a Content-Security-Policy suited to your
|
|
|
|
|
# homeserver + any embedded services). NOTE: nginx does not inherit
|
|
|
|
|
# server-level add_header into a location that sets its own add_header.
|
|
|
|
|
add_header X-Frame-Options SAMEORIGIN always;
|
|
|
|
|
add_header X-Content-Type-Options nosniff always;
|
|
|
|
|
add_header Referrer-Policy strict-origin-when-cross-origin always;
|
|
|
|
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always;
|
|
|
|
|
add_header Permissions-Policy "accelerometer=(), autoplay=(self), camera=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(self), midi=(), payment=(), usb=()" always;
|
|
|
|
|
|
2025-02-21 05:22:48 -03:00
|
|
|
location / {
|
|
|
|
|
root /opt/cinny/dist/;
|
2024-07-24 18:21:03 +05:30
|
|
|
|
2025-02-21 05:22:48 -03:00
|
|
|
rewrite ^/config.json$ /config.json break;
|
|
|
|
|
rewrite ^/manifest.json$ /manifest.json break;
|
2024-07-24 18:21:03 +05:30
|
|
|
|
2025-02-21 05:22:48 -03:00
|
|
|
rewrite ^/sw.js$ /sw.js break;
|
|
|
|
|
rewrite ^/pdf.worker.min.js$ /pdf.worker.min.js break;
|
2024-07-24 18:21:03 +05:30
|
|
|
|
2025-02-21 05:22:48 -03:00
|
|
|
rewrite ^/public/(.*)$ /public/$1 break;
|
|
|
|
|
rewrite ^/assets/(.*)$ /assets/$1 break;
|
2024-07-24 18:21:03 +05:30
|
|
|
|
2025-02-21 05:22:48 -03:00
|
|
|
rewrite ^(.+)$ /index.html break;
|
|
|
|
|
}
|
2021-08-03 19:04:45 +02:00
|
|
|
}
|