trent_larson
/
crowd-funder-for-time-pwa
4
1
Fork 2
Code Pull Requests 12 Releases 5 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1952 Commits
76 Branches
23 Tags
452 MiB
 
 
 
 
 
 
Tree: f861f0ccc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'f861f0ccc1'
${ noResults }
crowd-funder-for-time-pwa/docker/default.conf

110 lines
2.9 KiB
Raw Blame History

# TimeSafari Default Server Configuration
# Author: Matthew Raymer
# Description: Production server configuration for TimeSafari web application
#
# Features:
# - Vue.js SPA routing support
# - Static file caching optimization
# - Security hardening
# - Performance optimization
# - Proper error handling
server {
listen 80;
server_name _;
root /usr/share/nginx/html;
index index.html;
# Security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Permissions-Policy "geolocation=(), microphone=(), camera=()" always;
# Handle Vue.js SPA routing
location / {
try_files $uri $uri/ /index.html;
# Cache static assets
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
expires 1y;
add_header Cache-Control "public, immutable";
add_header Vary "Accept-Encoding";
}
# Cache HTML files for a shorter time
location ~* \.html$ {
expires 1h;
add_header Cache-Control "public, must-revalidate";
}
}
# Handle service worker
location /sw.js {
expires 0;
add_header Cache-Control "no-cache, no-store, must-revalidate";
add_header Pragma "no-cache";
}
# Handle manifest file
location /manifest.json {
expires 1d;
add_header Cache-Control "public";
}
# Handle API requests (if needed)
location /api/ {
limit_req zone=api burst=20 nodelay;
proxy_pass http://backend:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# Handle health check
location /health {
access_log off;
return 200 "healthy\n";
add_header Content-Type text/plain;
}
# Handle robots.txt
location /robots.txt {
expires 1d;
add_header Cache-Control "public";
}
# Handle favicon
location /favicon.ico {
expires 1y;
add_header Cache-Control "public, immutable";
}
# Security: Deny access to hidden files
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# Security: Deny access to backup files
location ~ ~$ {
deny all;
access_log off;
log_not_found off;
}
# Error pages
error_page 404 /index.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# Logging
access_log /var/log/nginx/access.log main;
error_log /var/log/nginx/error.log warn;
}