diff --git a/frontend/server.ts b/frontend/server.ts index 54a8d8a71..98af79224 100644 --- a/frontend/server.ts +++ b/frontend/server.ts @@ -13,7 +13,7 @@ import { AppServerModule } from './src/main.server'; import { APP_BASE_HREF } from '@angular/common'; import { existsSync } from 'fs'; -const template = fs.readFileSync(path.join(__dirname, '../../mempool/browser/', 'index.html')).toString(); +const template = fs.readFileSync(path.join(__dirname, '../../mempool/browser/en-US/', 'index.html')).toString(); const win = domino.createWindow(template); @@ -48,7 +48,7 @@ global['localStorage'] = { // The Express app is exported so that it can be used by serverless Functions. export function app(): express.Express { const server = express(); - const distFolder = join(process.cwd(), 'dist/mempool/browser'); + const distFolder = join(process.cwd(), 'dist/mempool/browser/en-US'); const indexHtml = existsSync(join(distFolder, 'index.original.html')) ? 'index.original.html' : 'index'; // Our Universal express-engine (found @ https://github.com/angular/universal/tree/master/modules/express-engine) @@ -68,18 +68,15 @@ export function app(): express.Express { server.get('/api/v1/**', createProxyMiddleware({ // @ts-ignore - target: win.__env.BACKEND_URL, + target: win.__env.NGINX_PROTOCOL + '://' + win.__env.NGINX_HOSTNAME + ':' + win.__env.NGINX_PORT, changeOrigin: true, - }, - )); + })); server.get('/api/**', createProxyMiddleware({ - // @ts-ignore - target: win.__env.ELECTRS_URL_SERVER, - changeOrigin: true, - pathRewrite: {'^/api' : '/'} - }, - )); + // @ts-ignore + target: win.__env.NGINX_PROTOCOL + '://' + win.__env.NGINX_HOSTNAME + ':' + win.__env.NGINX_PORT, + changeOrigin: true, + })); // All regular routes use the Universal engine server.get('*', (req, res) => { diff --git a/production/nginx-mempool-ssr.conf b/production/nginx-mempool-ssr.conf new file mode 100644 index 000000000..53fd94f1b --- /dev/null +++ b/production/nginx-mempool-ssr.conf @@ -0,0 +1,211 @@ + root /mempool/public_html/mainnet/; + + index index.html; + + add_header Onion-Location http://mempoolhqx4isw62xs7abwphsq7ldayuidyx2v2oethdhhj6mlo2r6ad.onion$request_uri; + add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; + + set $frameOptions "DENY"; + set $contentSecurityPolicy "frame-ancestors 'none'"; + if ($http_referer ~ ^https://mempool.space/) + { + set $frameOptions "ALLOW-FROM https://mempool.space"; + set $contentSecurityPolicy "frame-ancestors https://mempool.space"; + } + if ($http_referer ~ ^https://mempool.ninja/) + { + set $frameOptions "ALLOW-FROM https://mempool.ninja"; + set $contentSecurityPolicy "frame-ancestors https://mempool.ninja"; + } + if ($http_referer ~ ^https://node100.bitcoin.wiz.biz/) + { + set $frameOptions "ALLOW-FROM https://node100.bitcoin.wiz.biz"; + set $contentSecurityPolicy "frame-ancestors https://node100.bitcoin.wiz.biz"; + } + if ($http_referer ~ ^https://wiz.biz/) + { + set $frameOptions "ALLOW-FROM https://wiz.biz"; + set $contentSecurityPolicy "frame-ancestors https://wiz.biz"; + } + + add_header X-Frame-Options $frameOptions; + add_header Content-Security-Policy $contentSecurityPolicy; + + # fallback for all URLs i.e. /address/foo /tx/foo /block/000 + location / { + #try_files /$lang/$uri /$lang/$uri/ $uri $uri/ /en-US/$uri @index-redirect; + proxy_pass http://127.0.0.1:4000; + } + location @index-redirect { + add_header vary accept-language; + rewrite (.*) /$lang/index.html; + } + + # location block using regex are matched in order + + # used to rewrite resources from // to /en-US/ + location ~ ^/(ar|bg|bs|ca|cs|da|de|et|el|es|eo|eu|fa|fr|gl|ko|hr|id|it|he|ka|lv|lt|hu|mk|ms|nl|ja|ka|no|nb|nn|pl|pt|pt-BR|ro|ru|sk|sl|sr|sh|fi|sv|th|tr|uk|vi|zh)/resources/ { + rewrite ^/[a-zA-Z-]*/resources/(.*) /resources/$1; + } + location /resources/ { + try_files $uri /en-US/$uri =404; + } + # used for cookie override + location ~ ^/(ar|bg|bs|ca|cs|da|de|et|el|es|eo|eu|fa|fr|gl|ko|hr|id|it|he|ka|lv|lt|hu|mk|ms|nl|ja|ka|no|nb|nn|pl|pt|pt-BR|ro|ru|sk|sl|sr|sh|fi|sv|th|tr|uk|vi|zh)/ { + #try_files $uri $uri/ /$1/index.html =404; + proxy_pass http://127.0.0.1:4000; + } + + # add /sitemap for production SEO + location /sitemap { + try_files $uri =410; + } + # old /explorer redirect from v1 days + location /explorer { + rewrite /explorer/(.*) https://$host/$1 permanent; + } + + # static API docs + location = /api { + #return 302 https://mempool.space/$request_uri; + #try_files $uri $uri/ /en-US/index.html =404; + proxy_pass http://127.0.0.1:4000; + } + location = /api/ { + #return 302 https://mempool.space/$request_uri; + #try_files $uri $uri/ /en-US/index.html =404; + proxy_pass http://127.0.0.1:4000; + } + location = /liquid/api { + #return 302 https://mempool.space/$request_uri; + #try_files $uri $uri/ /en-US/index.html =404; + proxy_pass http://127.0.0.1:4000; + } + location = /liquid/api/ { + #return 302 https://mempool.space/$request_uri; + #try_files $uri $uri/ /en-US/index.html =404; + proxy_pass http://127.0.0.1:4000; + } + location = /testnet/api { + #return 302 https://mempool.space/$request_uri; + #try_files $uri $uri/ /en-US/index.html =404; + proxy_pass http://127.0.0.1:4000; + } + location = /testnet/api/ { + #return 302 https://mempool.space/$request_uri; + #try_files $uri $uri/ /en-US/index.html =404; + proxy_pass http://127.0.0.1:4000; + } + location = /bisq/api { + #return 302 https://mempool.space/$request_uri; + #try_files $uri $uri/ /en-US/index.html =404; + proxy_pass http://127.0.0.1:4000; + } + location = /bisq/api/ { + #return 302 https://mempool.space/$request_uri; + #try_files $uri $uri/ /en-US/index.html =404; + proxy_pass http://127.0.0.1:4000; + } + + # mainnet API + location /api/v1/donations { + proxy_pass http://127.0.0.1:8999; + # don't rate limit this API prefix + } + location /api/v1/donations/images { + proxy_pass http://127.0.0.1:8999; + proxy_cache cache; + proxy_cache_valid 200 1d; + } + location /api/v1/ws { + proxy_pass http://127.0.0.1:8999/; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + } + location /api/v1 { + proxy_pass http://127.0.0.1:8999/api/v1; + limit_req burst=50 nodelay zone=api; + } + location /api/ { + proxy_pass http://[::1]:3000/; + limit_req burst=50 nodelay zone=electrs; + } + + # liquid API + location /liquid/api/v1/ws { + proxy_pass http://127.0.0.1:8998/; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + } + location /liquid/api/v1 { + proxy_pass http://127.0.0.1:8998/api/v1; + limit_req burst=50 nodelay zone=api; + } + location /liquid/api/ { + proxy_pass http://[::1]:3001/; + limit_req burst=50 nodelay zone=electrs; + } + + # testnet API + location /testnet/api/v1/ws { + proxy_pass http://127.0.0.1:8997/; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + } + location /testnet/api/v1 { + proxy_pass http://127.0.0.1:8997/api/v1; + limit_req burst=50 nodelay zone=api; + } + location /testnet/api/ { + proxy_pass http://[::1]:3002/; + limit_req burst=50 nodelay zone=electrs; + } + + # bisq API + location /bisq/api/v1/ws { + proxy_pass http://127.0.0.1:8996/; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + } + location /bisq/api/v1/markets { + proxy_pass http://127.0.0.1:8996/api/v1/bisq/markets; + #limit_req burst=50 nodelay zone=api; + } + location /bisq/api/v1 { + proxy_pass http://127.0.0.1:8996/api/v1; + limit_req burst=50 nodelay zone=api; + } + location /bisq/api { + proxy_pass http://127.0.0.1:8996/api/v1/bisq; + limit_req burst=50 nodelay zone=api; + } + + # mainnet API + location /ws { + proxy_pass http://127.0.0.1:8999/; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + } + location /ws/mainnet { + proxy_pass http://127.0.0.1:8999/; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + } + location /ws/liquid { + proxy_pass http://127.0.0.1:8998/; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + } + location /ws/testnet { + proxy_pass http://127.0.0.1:8997/; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + }