diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2020-05-17 20:24:09 +0200 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2020-05-17 20:34:42 +0200 |
| commit | 3c7c834a37802e5ca5d93a4b4a91dde3264d9f5d (patch) | |
| tree | 07abe3c01bb29505ceab94b7bdb587c1d3bd09ba /roles/wiki/files/etc | |
| parent | a16b003a9bf101234ca988b6e43466a3d6b99bc7 (diff) | |
nginx: Add Expires: HTTP headers.
Diffstat (limited to 'roles/wiki/files/etc')
| -rw-r--r-- | roles/wiki/files/etc/nginx/sites-available/website | 2 | ||||
| -rw-r--r-- | roles/wiki/files/etc/nginx/sites-available/wiki | 8 |
2 files changed, 7 insertions, 3 deletions
diff --git a/roles/wiki/files/etc/nginx/sites-available/website b/roles/wiki/files/etc/nginx/sites-available/website index cd6832a..69d3337 100644 --- a/roles/wiki/files/etc/nginx/sites-available/website +++ b/roles/wiki/files/etc/nginx/sites-available/website @@ -30,32 +30,34 @@ server { add_header Content-Security-Policy "default-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self'; font-src 'self'; frame-ancestors 'none'; form-action https://www.paypal.com/; base-uri fripost.org www.fripost.org"; include snippets/ssl.conf; ssl_certificate ssl/www.fripost.org.pem; ssl_certificate_key ssl/www.fripost.org.key; include snippets/fripost.org.hpkp-hdr; gzip on; gzip_vary on; gzip_min_length 256; gzip_types application/font-woff application/font-woff2 application/javascript application/json application/xml image/svg+xml image/x-icon text/css text/plain; location / { try_files $uri $uri/ =404; index index.html; root /var/lib/ikiwiki/public_html/fripost-wiki/website; } location = /ikiwiki.cgi { internal; } location /static/ { + expires 30d; + try_files $uri =404; alias /var/lib/ikiwiki/public_html/fripost-wiki/static/; } location /material/ { alias /var/www/fripost.org/material/; } location /minutes/ { alias /var/www/fripost.org/minutes/; } location /.well-known/autoconfig/ { alias /var/www/fripost.org/autoconfig/; } } diff --git a/roles/wiki/files/etc/nginx/sites-available/wiki b/roles/wiki/files/etc/nginx/sites-available/wiki index 89e86d8..153b3e2 100644 --- a/roles/wiki/files/etc/nginx/sites-available/wiki +++ b/roles/wiki/files/etc/nginx/sites-available/wiki @@ -22,36 +22,38 @@ server { server_name wiki.fripost.org; access_log /var/log/nginx/wiki.access.log; error_log /var/log/nginx/wiki.error.log info; include snippets/headers.conf; add_header Content-Security-Policy "default-src 'none'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self'; font-src 'self'; frame-ancestors 'none'; form-action 'self'; base-uri wiki.fripost.org"; include snippets/ssl.conf; ssl_certificate ssl/www.fripost.org.pem; ssl_certificate_key ssl/www.fripost.org.key; include snippets/fripost.org.hpkp-hdr; gzip on; gzip_vary on; gzip_min_length 256; gzip_types application/font-woff application/font-woff2 application/javascript application/json application/xml image/svg+xml image/x-icon text/css text/plain; + root /var/lib/ikiwiki/public_html/fripost-wiki; + + location /static/ { expires 30d; try_files $uri =404; } location / { location ~ ^/website(/.*)?$ { return 302 $scheme://fripost.org$1; } - try_files $uri $uri/ =404; index index.html; - root /var/lib/ikiwiki/public_html/fripost-wiki; + try_files $uri $uri/ =404; } location = /ikiwiki.cgi { - fastcgi_param DOCUMENT_ROOT /var/lib/ikiwiki/public_html/fripost-wiki; + fastcgi_param DOCUMENT_ROOT $document_root; fastcgi_param SCRIPT_FILENAME /var/lib/ikiwiki/public_html/ikiwiki.cgi; fastcgi_index ikiwiki.cgi; include snippets/fastcgi.conf; fastcgi_pass unix:/run/ikiwiki.socket; gzip off; # protect against BREACH } } |