mirror of
https://github.com/YunoHost-Apps/mastodon_ynh.git
synced 2024-09-03 19:46:02 +02:00
c699e1f7a7
* Convert to v2 (#383) * convert script * v2 * Auto-update README * Update documentation cc @panomaki * Bump ruby version from 3.0.6 to 3.2.2 * v2 * Auto-update README * woops * v2 * v2 * s/final_path/install_dir * Update PRE_INSTALL.md * too soon... * v2 * v2 * v2 * Update tests.toml * Update doc/PRE_INSTALL.md Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org> * Update doc/PRE_INSTALL_fr.md Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org> * Update tests.toml Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org> * Update tests.toml Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org> * Update doc/PRE_INSTALL.md Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org> * Update doc/PRE_INSTALL_fr.md Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org> * Apply suggestions * Update manifest.toml * Auto-update README * Update manifest.toml * Update scripts * Auto-update README * Remove SSO integration * Use new mail mechanism * cleaning * Update manifest.toml --------- Co-authored-by: yunohost-bot <yunohost@yunohost.org> Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org> Co-authored-by: Éric Gaspar <46165813+ericgaspar@users.noreply.github.com> * Bump ynh version * Auto-update README * Update manifest.toml * Update doc/PRE_INSTALL.md Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org> * Add service setting for app shell * Use logrotate * smtp config follow-up Sidekiq service can be properly hardened since it doesn't use sendmail anymore o/ * Fix mkdir failing if /var/log/mastodon already exists * upgrade: Rename database to match packaging v2 * Bump 4.1.6~ynh2 * Auto-update README * Disable install.private test * remove full_domain * 4.1.7 (#403) * 4.1.7 * Auto-update README * Update manifest.toml * Auto-update README --------- Co-authored-by: yunohost-bot <yunohost@yunohost.org> Co-authored-by: Tagada <36127788+Tagadda@users.noreply.github.com> * fix * fix * Don't swap when running on a LXC * Hardcore the needed RAM * Auto-update README * Auto-update README * Update manifest.toml * Auto-update README * Update _common.sh * Auto-update README * cleaning * cleaning * Auto-update README * Auto-update README * Update tests.toml * Fix restore * Fix manifest.toml * Auto-update README * Auto-update README * add `tootctl self-destruct` info * format * Auto-update README * lol autotranslate * break line * break lines * translation from french * update version * Auto-update README * Update manifest.toml --------- Co-authored-by: yunohost-bot <yunohost@yunohost.org> Co-authored-by: Alexandre Aubin <alex.aubin@mailoo.org> Co-authored-by: Éric Gaspar <46165813+ericgaspar@users.noreply.github.com> Co-authored-by: ericgaspar <junk.eg@free.fr> Co-authored-by: OniriCorpe <oniricorpe@disroot.org>
113 lines
3.5 KiB
Nginx Configuration File
113 lines
3.5 KiB
Nginx Configuration File
client_max_body_size 99m;
|
|
|
|
root __INSTALL_DIR__/live/public;
|
|
|
|
location / {
|
|
|
|
proxy_set_header Accept-Encoding "";
|
|
try_files $uri @proxy;
|
|
|
|
# Include SSOWAT user panel.
|
|
include conf.d/yunohost_panel.conf.inc;
|
|
}
|
|
|
|
location ~ /sw.js {
|
|
more_set_headers "Cache-Control: public, max-age=604800, must-revalidate";
|
|
more_set_headers "Strict-Transport-Security: max-age=63072000; includeSubDomains";
|
|
try_files $uri =404;
|
|
}
|
|
|
|
location ~ ^/assets/ {
|
|
more_set_headers "Cache-Control: public, max-age=2419200, must-revalidate";
|
|
more_set_headers "Strict-Transport-Security: max-age=63072000; includeSubDomains";
|
|
try_files $uri =404;
|
|
}
|
|
|
|
location ~ ^/avatars/ {
|
|
more_set_headers "Cache-Control: public, max-age=2419200, must-revalidate";
|
|
more_set_headers "Strict-Transport-Security: max-age=63072000; includeSubDomains";
|
|
try_files $uri =404;
|
|
}
|
|
|
|
location ~ ^/emoji/ {
|
|
more_set_headers "Cache-Control: public, max-age=2419200, must-revalidate";
|
|
more_set_headers "Strict-Transport-Security: max-age=63072000; includeSubDomains";
|
|
try_files $uri =404;
|
|
}
|
|
|
|
location ~ ^/headers/ {
|
|
more_set_headers "Cache-Control: public, max-age=2419200, must-revalidate";
|
|
more_set_headers "Strict-Transport-Security: max-age=63072000; includeSubDomains";
|
|
try_files $uri =404;
|
|
}
|
|
|
|
location ~ ^/packs/ {
|
|
more_set_headers "Cache-Control: public, max-age=2419200, must-revalidate";
|
|
more_set_headers "Strict-Transport-Security: max-age=63072000; includeSubDomains";
|
|
try_files $uri =404;
|
|
}
|
|
|
|
location ~ ^/shortcuts/ {
|
|
more_set_headers "Cache-Control: public, max-age=2419200, must-revalidate";
|
|
more_set_headers "Strict-Transport-Security: max-age=63072000; includeSubDomains";
|
|
try_files $uri =404;
|
|
}
|
|
|
|
location ~ ^/sounds/ {
|
|
more_set_headers "Cache-Control: public, max-age=2419200, must-revalidate";
|
|
more_set_headers "Strict-Transport-Security: max-age=63072000; includeSubDomains";
|
|
try_files $uri =404;
|
|
}
|
|
|
|
location ~ ^/system/ {
|
|
more_set_headers "Cache-Control: public, max-age=2419200, immutable";
|
|
more_set_headers "Strict-Transport-Security: max-age=63072000; includeSubDomains";
|
|
more_set_headers "X-Content-Type-Option: nosniff";
|
|
more_set_headers "Content-Security-Policy: default-src 'none'; form-action 'none'";
|
|
try_files $uri =404;
|
|
}
|
|
|
|
location ^~ /api/v1/streaming {
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header Proxy "";
|
|
|
|
proxy_pass http://127.0.0.1:__PORT_STREAM__;
|
|
proxy_buffering off;
|
|
proxy_redirect off;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
|
|
more_set_headers "Strict-Transport-Security: max-age=63072000; includeSubDomains";
|
|
|
|
tcp_nodelay on;
|
|
}
|
|
|
|
location @proxy {
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header Proxy "";
|
|
proxy_pass_header Server;
|
|
|
|
proxy_pass http://127.0.0.1:__PORT_WEB__;
|
|
proxy_buffering on;
|
|
proxy_redirect off;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
|
|
#proxy_cache CACHE;
|
|
proxy_cache_valid 200 7d;
|
|
proxy_cache_valid 410 24h;
|
|
proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
|
|
more_set_headers "X-Cached: $upstream_cache_status";
|
|
|
|
tcp_nodelay on;
|
|
}
|
|
|
|
error_page 500 501 502 503 504 /500.html;
|