942556673b
The Nginx configurations used by Nanobox previously neglected to increase the default upload size limit. This PR bumps that value up to the current Mastodon limit of 8MiB.
57 lines
1.5 KiB
Text
57 lines
1.5 KiB
Text
worker_processes 1;
|
|
daemon off;
|
|
|
|
events {
|
|
worker_connections 1024;
|
|
}
|
|
|
|
http {
|
|
include /data/etc/nginx/mime.types;
|
|
sendfile on;
|
|
|
|
gzip on;
|
|
gzip_http_version 1.1;
|
|
gzip_proxied any;
|
|
gzip_min_length 500;
|
|
gzip_disable "MSIE [1-6]\.";
|
|
gzip_types text/plain text/xml text/javascript text/css text/comma-separated-values application/xml+rss application/xml application/x-javascript application/json application/javascript application/atom+xml;
|
|
|
|
# Proxy upstream to the node process
|
|
upstream node {
|
|
server 127.0.0.1:4000;
|
|
}
|
|
|
|
map $http_upgrade $connection_upgrade {
|
|
default upgrade;
|
|
'' close;
|
|
}
|
|
|
|
# Configuration for Nginx
|
|
server {
|
|
# Listen on port 8080
|
|
listen 8080;
|
|
|
|
add_header Strict-Transport-Security "max-age=31536000";
|
|
add_header Content-Security-Policy "style-src 'self' 'unsafe-inline'; script-src 'self'; object-src 'self'; img-src data: https:; media-src data: https:; connect-src 'self' wss://<%= ENV["LOCAL_DOMAIN"] %>; upgrade-insecure-requests";
|
|
|
|
root /app/public;
|
|
|
|
location / {
|
|
try_files $uri @node;
|
|
}
|
|
|
|
# Proxy connections to node
|
|
location @node {
|
|
proxy_set_header Host $host;
|
|
|
|
proxy_pass http://node;
|
|
proxy_buffering off;
|
|
proxy_redirect off;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
|
|
tcp_nodelay on;
|
|
}
|
|
}
|
|
}
|