mirror of
https://github.com/jakejarvis/mastodon-utils.git
synced 2025-04-26 02:15:22 -04:00
backup brotli modules for the future
This commit is contained in:
parent
68386a800a
commit
d49c1e3e99
GPG Key ID:
2B0C9CF251E69A39
BIN
etc/nginx/modules/ngx_http_brotli_filter_module.so
Executable file
BIN
etc/nginx/modules/ngx_http_brotli_filter_module.so
Executable file
Binary file not shown.
BIN
etc/nginx/modules/ngx_http_brotli_static_module.so
Executable file
BIN
etc/nginx/modules/ngx_http_brotli_static_module.so
Executable file
Binary file not shown.
@ -2,7 +2,8 @@ user mastodon; # changed from 'nginx'
|
|||||||
worker_processes auto;
|
worker_processes auto;
|
||||||
pid /run/nginx.pid;
|
pid /run/nginx.pid;
|
||||||
|
|
||||||
# jake: added
|
# compiled brotli modules from https://github.com/google/ngx_brotli
|
||||||
|
# see: https://github.com/jakejarvis/mastodon-scripts/wiki/Brotli-compression-for-nginx
|
||||||
load_module modules/ngx_http_brotli_filter_module.so;
|
load_module modules/ngx_http_brotli_filter_module.so;
|
||||||
load_module modules/ngx_http_brotli_static_module.so;
|
load_module modules/ngx_http_brotli_static_module.so;
|
||||||
|
|
||||||
|
|||||||
@ -39,7 +39,7 @@ server {
|
|||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
|
||||||
# jake: added
|
# https://ssl-config.mozilla.org/#server=nginx&version=1.22.1&config=intermediate&openssl=1.1.1f&guideline=5.6
|
||||||
ssl_stapling on;
|
ssl_stapling on;
|
||||||
ssl_stapling_verify on;
|
ssl_stapling_verify on;
|
||||||
ssl_trusted_certificate /etc/letsencrypt/live/fediverse.jarv.is/chain.pem;
|
ssl_trusted_certificate /etc/letsencrypt/live/fediverse.jarv.is/chain.pem;
|
||||||
@ -87,19 +87,19 @@ server {
|
|||||||
|
|
||||||
location = /sw.js {
|
location = /sw.js {
|
||||||
add_header Cache-Control "public, max-age=604800, must-revalidate";
|
add_header Cache-Control "public, max-age=604800, must-revalidate";
|
||||||
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always;
|
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||||
try_files $uri =404;
|
try_files $uri =404;
|
||||||
}
|
}
|
||||||
|
|
||||||
location ~ ^/(assets|avatars|emoji|headers|packs|shortcuts|sounds)/ {
|
location ~ ^/(assets|avatars|emoji|headers|packs|shortcuts|sounds)/ {
|
||||||
add_header Cache-Control "public, max-age=2419200, must-revalidate";
|
add_header Cache-Control "public, max-age=2419200, must-revalidate";
|
||||||
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always;
|
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||||
try_files $uri =404;
|
try_files $uri =404;
|
||||||
}
|
}
|
||||||
|
|
||||||
location ~ ^/system/ {
|
location ~ ^/system/ {
|
||||||
add_header Cache-Control "public, max-age=2419200, immutable";
|
add_header Cache-Control "public, max-age=2419200, immutable";
|
||||||
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always;
|
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||||
try_files $uri =404;
|
try_files $uri =404;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -117,7 +117,7 @@ server {
|
|||||||
proxy_set_header Upgrade $http_upgrade;
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
proxy_set_header Connection $connection_upgrade;
|
proxy_set_header Connection $connection_upgrade;
|
||||||
|
|
||||||
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" always;
|
add_header Strict-Transport-Security "max-age=63072000" always;
|
||||||
|
|
||||||
# debugging
|
# debugging
|
||||||
add_header Via "1.1 $proxy_host" always;
|
add_header Via "1.1 $proxy_host" always;
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user