Disroot-Ansible/nginx
11
1
Fork 0
Code Pull requests Projects Releases 1 Activity

bump to cryptpad 5.1.0 #30

Merged
meaz merged 1 commit from cryptpad-5.1.0 into master 2022-09-27 21:17:20 +02:00
Conversation 0 Commits 1 Files changed 1 +9 -6
1 changed files with 9 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
templates/etc/nginx/sites-available/cryptpad.j2
View file

@ -46,12 +46,13 @@
add_header Cross-Origin-Embedder-Policy require-corp; add_header Cross-Origin-Embedder-Policy require-corp;
# any static assets loaded with "ver=" in their URL will be cached for a year # any static assets loaded with "ver=" in their URL will be cached for a year
if ($uri ~ ^(\/|.*\/|.*\.html)$) {
set $cacheControl no-cache;
}
if ($args ~ ver=) { if ($args ~ ver=) {
set $cacheControl max-age=31536000; set $cacheControl max-age=31536000;
} }
if ($uri ~ ^/.*(\/|\.html)$) {
set $cacheControl no-cache;
}
# Will not set any header if it is emptystring # Will not set any header if it is emptystring
add_header Cache-Control $cacheControl; add_header Cache-Control $cacheControl;
@ -74,7 +75,6 @@
set $frameSrc "'self' https://${sandbox_domain} blob:"; set $frameSrc "'self' https://${sandbox_domain} blob:";
# specifies valid sources for loading media using video or audio # specifies valid sources for loading media using video or audio
#set $mediaSrc "'self' data: * blob: ${main_domain}";
set $mediaSrc "blob:"; set $mediaSrc "blob:";
# defines valid sources for webworkers and nested browser contexts # defines valid sources for webworkers and nested browser contexts
@ -125,9 +125,12 @@
error_page 404 /customize.dist/404.html; error_page 404 /customize.dist/404.html;
# Finally, serve anything the above exceptions don't govern. # Finally, serve anything the above exceptions don't govern.
try_files /www/$uri /www/$uri/index.html /customize/$uri; try_files /customize/www/$uri /customize/www/$uri/index.html /www/$uri /www/$uri/index.html /customize/$uri;
{% endblock %} {% endblock %}
{% block location%} {% block location%}
# The nodejs process can handle all traffic whether accessed over websocket or as static assets
# We prefer to serve static content from nginx directly and to leave the API server to handle
# the dynamic content that only it can manage. This is primarily an optimization
location ^~ /cryptpad_websocket { location ^~ /cryptpad_websocket {
proxy_pass http://{{ item.proxy_pass }}:3000; proxy_pass http://{{ item.proxy_pass }}:3000;
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
@ -211,7 +214,7 @@
# The nodejs server has some built-in forwarding rules to prevent # The nodejs server has some built-in forwarding rules to prevent
# URLs like /pad from resulting in a 404. This simply adds a trailing slash # URLs like /pad from resulting in a 404. This simply adds a trailing slash
# to a variety of applications. # to a variety of applications.
location ~ ^/(register|login|settings|user|pad|drive|poll|slide|code|whiteboard|file|media|profile|contacts|todo|filepicker|debug|kanban|sheet|support|admin|notifications|teams|calendar|presentation|doc|form|report|convert)$ { location ~ ^/(register|login|settings|user|pad|drive|poll|slide|code|whiteboard|file|media|profile|contacts|todo|filepicker|debug|kanban|sheet|support|admin|notifications|teams|calendar|presentation|doc|form|report|convert|checkup)$ {
rewrite ^(.*)$ $1/ redirect; rewrite ^(.*)$ $1/ redirect;
} }
{% endblock %} {% endblock %}