From 4daca9672e5021c6187136e700146d255fdaac5a Mon Sep 17 00:00:00 2001
From: OniriCorpe <oniricorpe@disroot.org>
Date: Sun, 11 Feb 2024 21:50:29 +0100
Subject: [PATCH] caching medias and static files

---
 conf/nginx.conf | 62 +++++++++++++++++++++++++++++++------------------
 1 file changed, 40 insertions(+), 22 deletions(-)

diff --git a/conf/nginx.conf b/conf/nginx.conf
index ff4222f..ab5df41 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -1,26 +1,32 @@
 #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
-location __PATH__/  {
+location __PATH__/ {
 
-    alias __INSTALL_DIR__/;
+  alias __INSTALL_DIR__/;
 
-    if (!-e $request_filename) {
-    	rewrite ^(.*)$ /index.php?pagename=$1;
-    }
+  if (!-e $request_filename) {
+    rewrite ^(.*)$ /index.php?pagename=$1;
+  }
 
-    #allow uploads up to 20MB in size
-    client_max_body_size 50M;
-    client_body_buffer_size 128k;
+  #allow uploads up to 20MB in size
+  client_max_body_size 50M;
+  client_body_buffer_size 128k;
 
-    #Default indexes and catch-all
-    index  index.php;
+  #Default indexes and catch-all
+  index index.php;
+
+  # tell friendica that it is behind a reverse proxy
+  # https://wiki.friendi.ca/docs/install#optional_reverse-proxying_and_https
+  proxy_set_header X-Forwarded-For $remote_addr;
+  proxy_set_header X-Forwarded-Proto $scheme;
+  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 
   # make sure webfinger and other well known services aren't blocked
   # by denying dot files and rewrite request to the front controller
   location ^~ /.well-known/ {
     allow all;
-   if (!-e $request_filename) {
-     rewrite ^(.*)$ /index.php?pagename=$1;
-   }
+    if (!-e $request_filename) {
+      rewrite ^(.*)$ /index.php?pagename=$1;
+    }
   }
 
   include mime.types;
@@ -30,15 +36,27 @@ location __PATH__/  {
     deny all;
   }
 
-    #Execute and serve PHP files
-    location ~* \.php$ {
-        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
-        try_files $uri =404;
-        fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
-        fastcgi_index index.php;
-        include fastcgi_params;
-        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
-    }
+  #Execute and serve PHP files
+  location ~* \.php$ {
+    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+    try_files $uri =404;
+    fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
+    fastcgi_index index.php;
+    include fastcgi_params;
+    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+  }
+
+  # cache medias
+  location ~* (/images/|/photo/) {
+    # 604800 = 1 week
+    more_set_headers "Cache-Control: private, immutable, max-age=604800";
+  }
+
+  # cache static files
+  location /static/ {
+    # 300 = 5 minutes
+    more_set_headers "Cache-control: public, max-age=300";
+  }
 
   # deny access to all dot files
   location ~ /\. {