|
|
@ -21,7 +21,7 @@ server { |
|
|
|
# have a look here for let's encrypt configuration: |
|
|
|
# have a look here for let's encrypt configuration: |
|
|
|
# https://certbot.eff.org/all-instructions/#debian-9-stretch-nginx |
|
|
|
# https://certbot.eff.org/all-instructions/#debian-9-stretch-nginx |
|
|
|
|
|
|
|
|
|
|
|
root /srv/wwww/frontend; |
|
|
|
root ${FUNKWHALE_FRONTEND_PATH}; |
|
|
|
|
|
|
|
|
|
|
|
# If you are using S3 to host your files, remember to add your S3 URL to the |
|
|
|
# If you are using S3 to host your files, remember to add your S3 URL to the |
|
|
|
# media-src and img-src headers (e.g. img-src 'self' https://<your-S3-URL> data:) |
|
|
|
# media-src and img-src headers (e.g. img-src 'self' https://<your-S3-URL> data:) |
|
|
@ -42,7 +42,7 @@ server { |
|
|
|
add_header Referrer-Policy "strict-origin-when-cross-origin"; |
|
|
|
add_header Referrer-Policy "strict-origin-when-cross-origin"; |
|
|
|
add_header Service-Worker-Allowed "/"; |
|
|
|
add_header Service-Worker-Allowed "/"; |
|
|
|
add_header X-Frame-Options "ALLOW"; |
|
|
|
add_header X-Frame-Options "ALLOW"; |
|
|
|
alias /srv/wwww/frontend/; |
|
|
|
alias ${FUNKWHALE_FRONTEND_PATH}/; |
|
|
|
expires 30d; |
|
|
|
expires 30d; |
|
|
|
add_header Pragma public; |
|
|
|
add_header Pragma public; |
|
|
|
add_header Cache-Control "public, must-revalidate, proxy-revalidate"; |
|
|
|
add_header Cache-Control "public, must-revalidate, proxy-revalidate"; |
|
|
@ -53,7 +53,7 @@ server { |
|
|
|
add_header Referrer-Policy "strict-origin-when-cross-origin"; |
|
|
|
add_header Referrer-Policy "strict-origin-when-cross-origin"; |
|
|
|
|
|
|
|
|
|
|
|
add_header X-Frame-Options "ALLOW"; |
|
|
|
add_header X-Frame-Options "ALLOW"; |
|
|
|
alias /srv/wwww/frontend/embed.html; |
|
|
|
alias ${FUNKWHALE_FRONTEND_PATH}/embed.html; |
|
|
|
expires 30d; |
|
|
|
expires 30d; |
|
|
|
add_header Pragma public; |
|
|
|
add_header Pragma public; |
|
|
|
add_header Cache-Control "public, must-revalidate, proxy-revalidate"; |
|
|
|
add_header Cache-Control "public, must-revalidate, proxy-revalidate"; |
|
|
@ -76,7 +76,7 @@ server { |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
location /media/ { |
|
|
|
location /media/ { |
|
|
|
alias /srv/wwww/media/; |
|
|
|
alias ${MEDIA_ROOT}/; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
# this is an internal location that is used to serve |
|
|
|
# this is an internal location that is used to serve |
|
|
@ -84,7 +84,7 @@ server { |
|
|
|
# has been checked on API side |
|
|
|
# has been checked on API side |
|
|
|
location /_protected/media { |
|
|
|
location /_protected/media { |
|
|
|
internal; |
|
|
|
internal; |
|
|
|
alias /srv/wwww/media; |
|
|
|
alias ${MEDIA_ROOT}; |
|
|
|
|
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
# Comment the previous location and uncomment this one if you're storing |
|
|
|
# Comment the previous location and uncomment this one if you're storing |
|
|
@ -102,11 +102,11 @@ server { |
|
|
|
# has been checked on API side |
|
|
|
# has been checked on API side |
|
|
|
# Set this to the same value as your MUSIC_DIRECTORY_PATH setting |
|
|
|
# Set this to the same value as your MUSIC_DIRECTORY_PATH setting |
|
|
|
internal; |
|
|
|
internal; |
|
|
|
alias /srv/wwww/music; |
|
|
|
alias ${MUSIC_DIRECTORY_PATH}; |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
location /staticfiles/ { |
|
|
|
location /staticfiles/ { |
|
|
|
# django static files |
|
|
|
# django static files |
|
|
|
alias /srv/wwww/static/; |
|
|
|
alias ${STATIC_ROOT}/; |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|