Ana Sayfa Keşfet Yardım
Giriş Yap
git
/
radionica3d
1
0
Çatalla 0
Dosyalar Sorunlar 0 Değişiklik İstekleri 0 Wiki
Ağaç: be4ed04249
Dallar Biçim İmleri
radionica3d
/
nginx.conf

nginx.conf 3.2 KB
Geçmiş Ham

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105 
  1. server {
    2. 

  2.     server_name radionica3d.me 148.230.71.134;
    3. 

  3. 

  4.     root /var/www/radionica3d/dist;
    5. 

  5.     index index.html;
    6. 

  6.     charset utf-8;
    7. 

  7. 

  8.     # Gzip Compression
    9. 

  9.     gzip on;
    10. 

  10.     gzip_static on; # Serve .gz files if they exist
    11. 

  11.     gzip_vary on;
    12. 

  12.     gzip_proxied any;
    13. 

  13.     gzip_comp_level 6;
    14. 

  14.     gzip_buffers 16 8k;
    15. 

  15.     gzip_http_version 1.1;
    16. 

  16.     gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml font/woff2;
    17. 

  17. 

  18.     # Security Headers
    19. 

  19.     add_header X-Frame-Options "SAMEORIGIN";
    20. 

  20.     add_header X-XSS-Protection "1; mode=block";
    21. 

  21.     add_header X-Content-Type-Options "nosniff";
    22. 

  22.     add_header Referrer-Policy "strict-origin-when-cross-origin";
    23. 

  23.     # add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;
    24. 

  24. 

  25.     # SEO & Prerendering Optimization
    26. 

  26.     location / {
    27. 

  27.         # First attempt to serve request as file, then as directory/index.html, 
    28. 

  28.         # then fall back to the main index.html (SPA)
    29. 

  29.         try_files $uri $uri/index.html /index.html;
    30. 

  30.         
    31. 

  31.         # Caching for index.html (don't cache)
    32. 

  32.         location = /index.html {
    33. 

  33.             add_header Cache-Control "no-store, no-cache, must-revalidate";
    34. 

  34.         }
    35. 

  35.     }
    36. 

  36. 

  37.     # Static assets in /assets/ (Vite)
    38. 

  38.     location ^~ /assets/ {
    39. 

  39.         expires 1y;
    40. 

  40.         add_header Cache-Control "public, immutable";
    41. 

  41.         access_log off;
    42. 

  42.     }
    43. 

  43. 

  44.     # Font files (local hosting, long-term cache)
    45. 

  45.     location ^~ /fonts/ {
    46. 

  46.         expires 10y;
    47. 

  47.         add_header Cache-Control "public, immutable";
    48. 

  48.         access_log off;
    49. 

  49.     }
    50. 

  50. 

  51.     # Other static files
    52. 

  52.     location ~* \.(?:ico|gif|jpe?g|png|svg|webp|avif)$ {
    53. 

  53.         expires 9d;
    54. 

  54.         add_header Cache-Control "public";
    55. 

  55.         access_log off;
    56. 

  56.     }
    57. 

  57. 

  58.     # Proxy API requests to backend
    59. 

  59.     location /api/ {
    60. 

  60.         proxy_pass http://127.0.0.1:8000/;
    61. 

  61.         proxy_set_header Host $host;
    62. 

  62.         proxy_set_header X-Real-IP $remote_addr;
    63. 

  63.         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    64. 

  64.         proxy_set_header X-Forwarded-Proto $scheme;
    65. 

  65.     }
    66. 

  66. 

  67.     # Standalone Deploy Webhook
    68. 

  68.     location /deploy-webhook {
    69. 

  69.         proxy_pass http://127.0.0.1:9000;
    70. 

  70.         proxy_set_header Host $host;
    71. 

  71.     }
    72. 

  72. 

  73.     # WebSocket requests
    74. 

  74.     location /ws/ {
    75. 

  75.         proxy_pass http://127.0.0.1:8000/;
    76. 

  76.         proxy_http_version 1.1;
    77. 

  77.         proxy_set_header Upgrade $http_upgrade;
    78. 

  78.         proxy_set_header Connection "Upgrade";
    79. 

  79.         proxy_set_header Host $host;
    80. 

  80.         proxy_read_timeout 86400;
    81. 

  81.     }
    82. 

  82. 

  83.     # Static uploads
    84. 

  84.     location ^~ /uploads/ {
    85. 

  85.         alias /var/www/radionica3d/backend/uploads/;
    86. 

  86.         expires 30d;
    87. 

  87.         add_header Cache-Control "public";
    88. 

  88.     }
    89. 

  89. 

  90.     listen 443 ssl; # managed by Certbot
    91. 

  91.     ssl_certificate /etc/letsencrypt/live/radionica3d.me/fullchain.pem; # managed by Certbot
    92. 

  92.     ssl_certificate_key /etc/letsencrypt/live/radionica3d.me/privkey.pem; # managed by Certbot
    93. 

  93.     include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    94. 

  94.     ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
    95. 

  95. }
    96. 

  96. 

  97. server {
    98. 

  98.     if ($host = radionica3d.me) {
    99. 

  99.         return 301 https://$host$request_uri;
    100. 

  100.     } # managed by Certbot
    101. 

  101. 

  102.     listen 80;
    103. 

  103.     server_name radionica3d.me;
    104. 

  104.     return 301 https://radionica3d.me$request_uri;
    105. 

  105. }
    106.