alex/voyage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: improve formatting and organization in nginx configuration

Browse Source
This commit is contained in:
Sean Morley
2025-05-31 21:54:45 -04:00
parent b50447b1a2
commit c159e176b3
1 changed files with 14 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
backend/nginx.conf
View File

@@ -1,16 +1,12 @@
worker_processes 1; worker_processes 1;
events { events {
worker_connections 1024; worker_connections 1024;
} }
http { http {
include /etc/nginx/mime.types; include /etc/nginx/mime.types;
default_type application/octet-stream; default_type application/octet-stream;
sendfile on; sendfile on;
keepalive_timeout 65; keepalive_timeout 65;
client_max_body_size 100M; client_max_body_size 100M;
upstream django { upstream django {
@@ -33,23 +29,22 @@ http {
alias /code/staticfiles/; alias /code/staticfiles/;
} }
# Internal redirect path for protected media # Special handling for PDF files with CSP headers
location /protectedMedia/ {
internal;
alias /code/media/;
try_files $uri =404;
}
# Special headers for PDF responses under /protectedMedia/
location ~ ^/protectedMedia/.*\.pdf$ { location ~ ^/protectedMedia/.*\.pdf$ {
internal; internal;
alias /code/media/; alias /code/media/;
try_files $uri =404; try_files $uri =404;
add_header Content-Security-Policy "default-src 'self'; script-src 'none'; object-src 'none'; base-uri 'none'" always; add_header Content-Security-Policy "default-src 'self'; script-src 'none'; object-src 'none'; base-uri 'none'" always;
add_header X-Content-Type-Options nosniff always; add_header X-Content-Type-Options nosniff always;
add_header X-Frame-Options SAMEORIGIN always; add_header X-Frame-Options SAMEORIGIN always;
add_header Content-Disposition "inline" always; add_header Content-Disposition "inline" always;
} }
# General protected media files (non-PDF)
location /protectedMedia/ {
internal;
alias /code/media/;
try_files $uri =404;
}
} }
} }