Files
binome/nginx.conf
2026-06-01 18:15:32 +02:00

79 lines
2.1 KiB
Nginx Configuration File

server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;
index index.html;
# Gzip
gzip on;
gzip_vary on;
gzip_min_length 1024;
gzip_proxied any;
gzip_comp_level 6;
gzip_types
text/plain
text/css
text/xml
text/javascript
application/javascript
application/json
application/xml
application/xml+rss
application/manifest+json
image/svg+xml;
# Security headers
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
# Healthcheck endpoint for Coolify / Docker
location = /healthz {
access_log off;
add_header Content-Type text/plain;
return 200 "ok\n";
}
# Service worker must never be cached (PWA updates rely on this)
location = /sw.js {
add_header Cache-Control "no-cache, no-store, must-revalidate";
add_header Pragma "no-cache";
expires 0;
try_files $uri =404;
}
location = /registerSW.js {
add_header Cache-Control "no-cache, no-store, must-revalidate";
expires 0;
try_files $uri =404;
}
location = /manifest.webmanifest {
add_header Cache-Control "no-cache";
types { } default_type "application/manifest+json";
try_files $uri =404;
}
# Hashed build assets — safe to cache for a year
location /assets/ {
access_log off;
add_header Cache-Control "public, max-age=31536000, immutable";
try_files $uri =404;
}
# Static images / icons — moderate cache
location ~* \.(?:png|jpg|jpeg|gif|ico|svg|webp|avif|woff2?)$ {
access_log off;
add_header Cache-Control "public, max-age=604800";
try_files $uri =404;
}
# SPA fallback — every other route serves index.html (uncached)
location / {
add_header Cache-Control "no-cache";
try_files $uri $uri/ /index.html;
}
}