diff options
Diffstat (limited to 'gotosocial/gotosocial.nginx')
-rw-r--r-- | gotosocial/gotosocial.nginx | 82 |
1 files changed, 82 insertions, 0 deletions
diff --git a/gotosocial/gotosocial.nginx b/gotosocial/gotosocial.nginx new file mode 100644 index 0000000..eff683b --- /dev/null +++ b/gotosocial/gotosocial.nginx @@ -0,0 +1,82 @@ +server { + listen 80; + listen [::]:80; + server_name yourdomain.com; + return 301 https://$server_name$request_uri; +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name yourdomain.com; + + ssl_certificate /etc/nginx/cert/yourdomain.com.pem; + ssl_certificate_key /etc/nginx/cert/yourdomain.com.key; + + location ~ /.well-known/(webfinger|host-meta)$ { + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Proto $scheme; + + proxy_cache gotosocial_ap_public_responses; + proxy_cache_background_update on; + proxy_cache_key $scheme://$host$uri$is_args$query_string; + proxy_cache_valid 200 10m; + proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504 http_429; + proxy_cache_lock on; + add_header X-Cache-Status $upstream_cache_status; + + proxy_pass http://127.0.0.1:8788; + } + + location ~ ^\/users\/(?:[a-z0-9_\.]+)\/main-key$ { + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Proto $scheme; + + proxy_cache gotosocial_ap_public_responses; + proxy_cache_background_update on; + proxy_cache_key $scheme://$host$uri; + proxy_cache_valid 200 604800s; + proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504 http_429; + proxy_cache_lock on; + add_header X-Cache-Status $upstream_cache_status; + + proxy_pass http://127.0.0.1:8788; + } + + location /assets/ { + alias web-asset-base-dir/; + autoindex off; + expires 5m; + add_header Cache-Control "public"; + } + + location @fileserver { + + proxy_set_header Host $host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Proto $scheme; + } + + location /fileserver/ { + proxy_pass http://127.0.0.1:8788/; + alias storage-local-base-path/; + autoindex off; + expires max; + add_header Cache-Control "private, immutable"; + try_files $uri @fileserver; + } + + location / { + proxy_pass http://127.0.0.1:8788; + proxy_set_header Host $host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Proto $scheme; + } + client_max_body_size 40M; +}
\ No newline at end of file |