masto-fe/nanobox/nginx-web.conf.erb

worker_processes 1;
daemon off;

events {
    worker_connections 1024;
}

http {
    include /data/etc/nginx/mime.types;
    sendfile on;

    gzip on;
    gzip_http_version 1.0;
    gzip_proxied any;
    gzip_min_length 500;
    gzip_disable "MSIE [1-6]\.";
    gzip_types text/plain text/xml text/javascript text/css text/comma-separated-values application/xml+rss application/xml application/x-javascript application/json application/javascript application/atom+xml;

    # Proxy upstream to the puma process
    upstream rails {
        server 127.0.0.1:3000;
    }

    map $http_upgrade $connection_upgrade {
        default upgrade;
        ''      close;
    }

    # Configuration for Nginx
    server {
        # Listen on port 8080
        listen 8080;

        add_header Strict-Transport-Security "max-age=31536000";
        add_header Content-Security-Policy "style-src 'self' 'unsafe-inline'; script-src 'self'; object-src 'self'; img-src data: https:; media-src data: https:; connect-src 'self' wss://<%= ENV["LOCAL_DOMAIN"] %>; upgrade-insecure-requests";

        root /app/public;

        client_max_body_size 8M;

        location / {
            try_files $uri @rails;
        }

        location /sw.js {
            add_header Cache-Control "public, max-age=0";
            try_files $uri @rails;
        }

        location ~ ^/(emoji|packs|system/media_attachments/files|system/accounts/avatars) {
            add_header Cache-Control "public, max-age=31536000, immutable";
            try_files $uri @rails;
        }

        # Proxy connections to rails
        location @rails {
            proxy_set_header Host $host;
            proxy_pass_header Server;

            proxy_pass http://rails;
            proxy_buffering off;
            proxy_redirect off;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection $connection_upgrade;

            tcp_nodelay on;
        }
    }

    error_page 500 501 502 503 504 /500.html;
}