Сообщество IT-специалистов
Ответы на любые вопросы об IT
Профессиональное развитие в IT
Удаленная работа для IT-специалистов
server { listen 80; server_name ; return 301 https://$server_name$request_uri; } server { charset utf-8; client_max_body_size 128M; autoindex on; server_tokens off; root /../../frontend/current; access_log /var/log/nginx/access.log main; error_log /var/log/nginx/error.log warn; listen 443 ssl; ssl_certificate /etc/letsencrypt/live/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/privkey.pem; include /etc/letsencrypt/options-ssl-nginx.conf; ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_stapling on; ssl_stapling_verify on; location / { try_files $uri $uri/ /index.html?$args; proxy_connect_timeout 300; proxy_send_timeout 600; proxy_read_timeout 600; proxy_buffer_size 64k; proxy_buffers 16 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; proxy_pass_header Set-Cookie; proxy_redirect off; proxy_hide_header Vary; proxy_set_header Accept-Encoding ''; proxy_ignore_headers Cache-Control Expires; proxy_set_header Referer $http_referer; proxy_set_header Host $host; proxy_set_header Cookie $http_cookie; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } location /api { add_header Strict-Transport-Security "max-age=15768000"; add_header Access-Control-Allow-Origin $allow_origin; add_header Access-Control-Allow-Credentials 'true'; add_header Access-Control-Max-Age $cors_max_age; add_header Access-Control-Allow-Methods $cors_allow_methods; add_header Access-Control-Allow-Headers $cors_allow_headers; set $initial_content_length $sent_http_content_length; add_header 'Content-Length' ""; add_header 'Content-Length' $cors_content_length; set $initial_content_type $sent_http_content_type; add_header Content-Type ""; add_header Content-Type $cors_content_type; if ($request_method = 'OPTIONS') { return 204; } proxy_pass_request_headers on; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_pass http://127.0.0.1:3000/api/; } gzip on; gzip_disable "msie6"; gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript; gzip_comp_level 5; location ~* ^.+\.(woff|rss|atom|jpg|jpeg|gif|png|ico|rtf)$ { expires max; } location ~ /.well-known { allow all; } } map $http_origin $allow_origin { default "$http_origin"; } map $request_method $cors_method { default "allowed"; "OPTIONS" "preflight"; } map $cors_method $cors_max_age { default ""; "preflight" 1728000; } map $cors_method $cors_allow_methods { default ""; "preflight" "GET, POST, OPTIONS"; } map $cors_method $cors_allow_headers { default ""; "preflight" "Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since"; } map $cors_method $cors_content_length { default $initial_content_length; "preflight" 0; } map $cors_method $cors_content_type { default $initial_content_type; "preflight" "text/plain charset=UTF-8"; }
не стал выносить в отдельный conf т.к. это мне нужно только на время разработки