From 166351a98cb7f0a47b6090d7ed0804d316c26af8 Mon Sep 17 00:00:00 2001
From: meaz <meaz@disroot.org>
Date: Tue, 21 Jun 2022 06:33:26 +0200
Subject: [PATCH 1/2] cstate template

---
 templates/etc/nginx/sites-available/cstate.j2 | 31 +++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 templates/etc/nginx/sites-available/cstate.j2

diff --git a/templates/etc/nginx/sites-available/cstate.j2 b/templates/etc/nginx/sites-available/cstate.j2
new file mode 100644
index 0000000..682d223
--- /dev/null
+++ b/templates/etc/nginx/sites-available/cstate.j2
@@ -0,0 +1,31 @@
+{% extends "core.j2" %}
+
+{% block location %}
+
+## LOCATIONS
+  location / {
+    proxy_pass {{ item.upstream_proto }}://{{ item.upstream_name }}:{{ item.upstream_port}};
+    # Add cache for static files
+    if ($request_uri ~* ^/(img|css|font|js)/) {
+      add_header Expires "Thu, 31 Dec 2037 23:55:55 GMT";
+      add_header Cache-Control "public, max-age=315360000";
+    }
+
+    # HTTPS only header, improves security
+    add_header Strict-Transport-Security "max-age=15768000";
+
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "upgrade";
+    proxy_http_version 1.1;
+    proxy_set_header Host $host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+    # If you want to log the remote port of the file senders, you'll need that
+    proxy_set_header X-Remote-Port $remote_port;
+    proxy_set_header X-Forwarded-Proto $scheme;
+
+    # We expect the downstream servers to redirect to the right hostname, so don't do any rewrites here.
+    proxy_redirect     off;
+  }
+{% endblock %}
-- 
2.30.2


From 7fcaa2f982573d9b9e08ae8fc8eb19b67e0dd32d Mon Sep 17 00:00:00 2001
From: meaz <meaz@disroot.org>
Date: Mon, 25 Jul 2022 22:22:39 +0200
Subject: [PATCH 2/2] fix cstate template

---
 templates/etc/nginx/sites-available/cstate.j2 | 19 +++++--------------
 1 file changed, 5 insertions(+), 14 deletions(-)

diff --git a/templates/etc/nginx/sites-available/cstate.j2 b/templates/etc/nginx/sites-available/cstate.j2
index 682d223..3d4ad13 100644
--- a/templates/etc/nginx/sites-available/cstate.j2
+++ b/templates/etc/nginx/sites-available/cstate.j2
@@ -1,10 +1,14 @@
 {% extends "core.j2" %}
 
+{% block root %}
+  root {{ item.root }};
+  index {{ item.index }};
+{% endblock %}
+
 {% block location %}
 
 ## LOCATIONS
   location / {
-    proxy_pass {{ item.upstream_proto }}://{{ item.upstream_name }}:{{ item.upstream_port}};
     # Add cache for static files
     if ($request_uri ~* ^/(img|css|font|js)/) {
       add_header Expires "Thu, 31 Dec 2037 23:55:55 GMT";
@@ -14,18 +18,5 @@
     # HTTPS only header, improves security
     add_header Strict-Transport-Security "max-age=15768000";
 
-    proxy_set_header Upgrade $http_upgrade;
-    proxy_set_header Connection "upgrade";
-    proxy_http_version 1.1;
-    proxy_set_header Host $host;
-    proxy_set_header X-Real-IP $remote_addr;
-    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-
-    # If you want to log the remote port of the file senders, you'll need that
-    proxy_set_header X-Remote-Port $remote_port;
-    proxy_set_header X-Forwarded-Proto $scheme;
-
-    # We expect the downstream servers to redirect to the right hostname, so don't do any rewrites here.
-    proxy_redirect     off;
   }
 {% endblock %}
-- 
2.30.2