mirrors/bookwyrm
1
0
Fork 1
mirror of https://github.com/bookwyrm-social/bookwyrm.git synced 2024-05-19 00:38:21 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #3338 from Minnozz/fix-nginx-location

Browse source 
Make nginx config safer
This commit is contained in:
Bart Schuurmans 2024-04-03 19:22:16 +02:00 committed by GitHub
parent d1d91f0c2b 75bc4f8cb0
commit 5082806b82
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 19 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
nginx/development
View file

@ -64,7 +64,7 @@ server {
# directly serve static files from the # directly serve static files from the
# bookwyrm filesystem using sendfile. # bookwyrm filesystem using sendfile.
# make the logs quieter by not reporting these requests # make the logs quieter by not reporting these requests
location ~ ^/static/ { location /static/ {
root /app; root /app;
try_files $uri =404; try_files $uri =404;
add_header X-Cache-Status STATIC; add_header X-Cache-Status STATIC;
@ -72,15 +72,14 @@ server {
} }
# same with image files not in static folder # same with image files not in static folder
location ~ \.(bmp|ico|jpg|jpeg|png|svg|tif|tiff|webp)$ { location /images/ {
root /app; location ~ \.(bmp|ico|jpg|jpeg|png|svg|tif|tiff|webp)$ {
try_files $uri =404; root /app;
add_header X-Cache-Status STATIC; try_files $uri =404;
access_log off; add_header X-Cache-Status STATIC;
} access_log off;
}
# block access to any non-image files from images # block access to any non-image files from images
location ~ ^/images/ {
return 403; return 403;
} }

21
nginx/production
View file

@ -96,23 +96,22 @@ server {
# # directly serve static files from the # # directly serve static files from the
# # bookwyrm filesystem using sendfile. # # bookwyrm filesystem using sendfile.
# # make the logs quieter by not reporting these requests # # make the logs quieter by not reporting these requests
# location ~ ^/static/ { # location /static/ {
# root /app; # root /app;
# try_files $uri =404; # try_files $uri =404;
# add_header X-Cache-Status STATIC; # add_header X-Cache-Status STATIC;
# access_log off; # access_log off;
# } # }
#
# # same with image files not in static folder # # same with image files not in static folder
# location ~ \.(bmp|ico|jpg|jpeg|png|svg|tif|tiff|webp)$ { # location /images/ {
# root /app; # location ~ \.(bmp|ico|jpg|jpeg|png|svg|tif|tiff|webp)$ {
# try_files $uri =404; # root /app;
# add_header X-Cache-Status STATIC; # try_files $uri =404;
# access_log off; # add_header X-Cache-Status STATIC;
# } # access_log off;
# }
# # block access to any non-image files from images # # block access to any non-image files from images
# location ~ ^/images/ {
# return 403; # return 403;
# } # }
# #