nginx: cache hedgedoc files and images if possible; ignore cache directive on static site

single-dockerfile
Trammell Hudson 3 years ago
parent b4c33bc74c
commit 489eaa45cc
  1. 1
      nginx/docker-compose.yaml
  2. 7
      nginx/nginx/nginx.conf
  3. 13
      nginx/nginx/templates/000-default.conf.template
  4. 4
      nginx/nginx/templates/docs.conf.template

@ -13,6 +13,7 @@ services:
- ../html:/var/www/html:ro - ../html:/var/www/html:ro
- ../data/certbot/www:/var/www/certbot:ro - ../data/certbot/www:/var/www/certbot:ro
- ../data/certbot/conf:/etc/letsencrypt:ro - ../data/certbot/conf:/etc/letsencrypt:ro
- ../data/nginx/cache:/data/nginx/cache:rw
- /home:/home:ro - /home:/home:ro
env_file: env_file:
- ../env.production - ../env.production

@ -56,6 +56,13 @@ http {
# gzip_http_version 1.1; # gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
proxy_cache_path
/data/nginx/cache
keys_zone=mycache:10m
loader_threshold=300
loader_files=200
max_size=200m;
## ##
# Virtual Host Configs # Virtual Host Configs
## ##

@ -56,12 +56,23 @@ server {
# normal pages go to hedgedoc static site (need to define ports in the env) # normal pages go to hedgedoc static site (need to define ports in the env)
# need to rewrite the CSP so that it allows reframing from the main site # need to rewrite the CSP so that it allows reframing from the main site
location / { location / {
proxy_cache mycache;
add_header X-Cache-Status $upstream_cache_status;
proxy_ignore_headers Cache-Control;
proxy_hide_header Content-Security-Policy; proxy_hide_header Content-Security-Policy;
add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *.${DOMAIN_NAME}; frame-src 'self' *.${DOMAIN_NAME}; object-src 'self'; base-uri 'self' *.${DOMAIN_NAME}"; add_header Content-Security-Policy "script-src 'self' 'unsafe-inline' 'unsafe-eval' *.${DOMAIN_NAME}; frame-src 'self' *.${DOMAIN_NAME}; object-src 'self'; base-uri 'self' *.${DOMAIN_NAME}";
proxy_pass http://host.docker.internal:3000/s$request_uri; proxy_pass http://host.docker.internal:3000/s$request_uri;
proxy_cache_valid any 1m;
} }
# while javascript and config stuff goes to non-static hedgedoc site # while javascript and config stuff goes to non-static hedgedoc site
location ~ ^/(js|build|config) { location ~ ^/(js|build|config$) {
proxy_cache mycache;
add_header X-Cache-Status $upstream_cache_status;
proxy_ignore_headers Cache-Control;
proxy_cache_valid any 1m;
proxy_pass http://host.docker.internal:3000$request_uri; proxy_pass http://host.docker.internal:3000$request_uri;
} }

@ -20,6 +20,10 @@ server {
proxy_read_timeout 1800s; proxy_read_timeout 1800s;
proxy_cache mycache;
proxy_cache_valid any 1m;
add_header X-Cache-Status $upstream_cache_status;
# required to avoid HTTP 411: see Issue #1486 (https://github.com/dotcloud/docker/issues/1486) # required to avoid HTTP 411: see Issue #1486 (https://github.com/dotcloud/docker/issues/1486)
chunked_transfer_encoding on; chunked_transfer_encoding on;

Loading…
Cancel
Save