Merge 9a6187c9e9 into 94bceb8683

2025-07-15 08:48:15 +00:00 · 2025-07-11 14:03:34 +00:00 · 2025-07-11 14:03:34 +00:00 · 209bc1f0fc
commit 209bc1f0fc
parent 94bceb8683 9a6187c9e9
1 changed files with 13 additions and 27 deletions
--- a/dist/nginx.conf
+++ b/dist/nginx.conf
@ -66,65 +66,53 @@ server {
  gzip_static on;

  location / {
-    try_files $uri @proxy;
+    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
+    try_files $uri @mastodon;
  }

  # If Docker is used for deployment and Rails serves static files,
-  # then needed must replace line `try_files $uri =404;` with `try_files $uri @proxy;`.
-  location = /sw.js {
-    add_header Cache-Control "public, max-age=604800, must-revalidate";
-    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
-    try_files $uri =404;
-  }
-
-  location ~ ^/assets/ {
+  # then needed uncomment line with `try_files $uri @mastodon;`.
+  location ^~ /assets/ {
    add_header Cache-Control "public, max-age=2419200, must-revalidate";
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
-    try_files $uri =404;
+    # try_files $uri @mastodon;
  }

-  location ~ ^/avatars/ {
+  location ^~ /avatars/ {
    add_header Cache-Control "public, max-age=2419200, must-revalidate";
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
-    try_files $uri =404;
  }

-  location ~ ^/emoji/ {
+  location ^~ /emoji/ {
    add_header Cache-Control "public, max-age=2419200, must-revalidate";
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
-    try_files $uri =404;
  }

-  location ~ ^/headers/ {
+  location ^~ /headers/ {
    add_header Cache-Control "public, max-age=2419200, must-revalidate";
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
-    try_files $uri =404;
  }

-  location ~ ^/packs/ {
+  location ^~ /ocr/ {
    add_header Cache-Control "public, max-age=2419200, must-revalidate";
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
-    try_files $uri =404;
  }

-  location ~ ^/shortcuts/ {
+  location ^~ /packs/ {
    add_header Cache-Control "public, max-age=2419200, must-revalidate";
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
-    try_files $uri =404;
  }

-  location ~ ^/sounds/ {
+  location ^~ /sounds/ {
    add_header Cache-Control "public, max-age=2419200, must-revalidate";
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
-    try_files $uri =404;
  }

-  location ~ ^/system/ {
+  location ^~ /system/ {
    add_header Cache-Control "public, max-age=2419200, immutable";
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
    add_header X-Content-Type-Options nosniff;
    add_header Content-Security-Policy "default-src 'none'; form-action 'none'";
-    try_files $uri =404;
  }

  location ^~ /api/v1/streaming {
@ -141,12 +129,10 @@ server {
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;

-    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
-
    tcp_nodelay on;
  }

-  location @proxy {
+  location @mastodon {
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;