machankura/mempool
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update nginx configuration for cache settings and new locales

Browse Source 
* Consolidates add_header statements into single top-level section
* Updates locales to match frontend/src/app/app.constants.ts
* Re-orders locales to match locale selector for easier checking
This commit is contained in:
wiz 2021-07-19 18:36:13 +09:00
parent cb90b09a0e
commit f2f5749769
No known key found for this signature in database
GPG Key ID: A394E332255A6173
4 changed files with 37 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
nginx-mempool.conf
View File

@ -5,26 +5,35 @@
index index.html; index index.html;
# enable browser and proxy caching
add_header Cache-Control "public, no-transform";
# vary cache if user changes language preference
add_header Vary Accept-Language;
add_header Vary Cookie;
# fallback for all URLs i.e. /address/foo /tx/foo /block/000 # fallback for all URLs i.e. /address/foo /tx/foo /block/000
location / { location / {
add_header Vary Cookie;
try_files /$lang/$uri /$lang/$uri/ $uri $uri/ /en-US/$uri @index-redirect; try_files /$lang/$uri /$lang/$uri/ $uri $uri/ /en-US/$uri @index-redirect;
expires 10m;
}
location /resources {
try_files /$lang/$uri /$lang/$uri/ $uri $uri/ /en-US/$uri @index-redirect;
expires 1h;
} }
location @index-redirect { location @index-redirect {
add_header Vary Cookie;
rewrite (.*) /$lang/index.html; rewrite (.*) /$lang/index.html;
} }
# location block using regex are matched in order # location block using regex are matched in order
# used to rewrite resources from /<lang>/ to /en-US/ # used to rewrite resources from /<lang>/ to /en-US/
location ~ ^/(ar|bg|bs|ca|cs|da|de|et|el|es|eo|eu|fa|fr|gl|ko|hr|id|it|he|ka|lv|lt|hu|mk|ms|nl|ja|ka|no|nb|nn|pl|pt|pt-BR|ro|ru|sk|sl|sr|sh|fi|sv|th|tr|uk|vi|zh)/resources/ { location ~ ^/(ar|bg|bs|ca|cs|da|de|et|el|es|eo|eu|fa|fr|gl|ko|hr|id|it|he|ka|lv|lt|hu|mk|ms|nl|ja|nb|nn|pl|pt|pt-BR|ro|ru|sk|sl|sr|sh|fi|sv|th|tr|uk|vi|zh|hi)/resources/ {
add_header Vary Cookie;
rewrite ^/[a-zA-Z-]*/resources/(.*) /en-US/resources/$1; rewrite ^/[a-zA-Z-]*/resources/(.*) /en-US/resources/$1;
} }
# used for cookie override # used for cookie override
location ~ ^/(ar|bg|bs|ca|cs|da|de|et|el|es|eo|eu|fa|fr|gl|ko|hr|id|it|he|ka|lv|lt|hu|mk|ms|nl|ja|ka|no|nb|nn|pl|pt|pt-BR|ro|ru|sk|sl|sr|sh|fi|sv|th|tr|uk|vi|zh)/ { location ~ ^/(ar|bg|bs|ca|cs|da|de|et|el|es|eo|eu|fa|fr|gl|ko|hi|hr|id|it|he|ka|lv|lt|hu|mk|ms|nl|ja|ka|no|nb|nn|pl|pt|pt-BR|ro|ru|sk|sl|sr|sh|fi|sv|th|tr|uk|vi|zh)/ {
add_header Vary Cookie; location ~ ^/(ar|bg|bs|ca|cs|da|de|et|el|es|eo|eu|fa|fr|gl|ko|hr|id|it|he|ka|lv|lt|hu|mk|ms|nl|ja|nb|nn|pl|pt|pt-BR|ro|ru|sk|sl|sr|sh|fi|sv|th|tr|uk|vi|zh|hi)/ {
try_files $uri $uri/ /$1/index.html =404; try_files $uri $uri/ /$1/index.html =404;
} }

6
nginx.conf
View File

@ -93,6 +93,7 @@ http {
~*^nb nb; ~*^nb nb;
~*^pl pl; ~*^pl pl;
~*^pt pt; ~*^pt pt;
~*^ru ru;
~*^sl sl; ~*^sl sl;
~*^fi fi; ~*^fi fi;
~*^sv sv; ~*^sv sv;
@ -100,7 +101,7 @@ http {
~*^uk uk; ~*^uk uk;
~*^vi vi; ~*^vi vi;
~*^zh zh; ~*^zh zh;
~*^ru ru; ~*^hi hi;
} }
map $cookie_lang $lang { map $cookie_lang $lang {
@ -123,6 +124,7 @@ http {
~*^nb nb; ~*^nb nb;
~*^pl pl; ~*^pl pl;
~*^pt pt; ~*^pt pt;
~*^ru ru;
~*^sl sl; ~*^sl sl;
~*^fi fi; ~*^fi fi;
~*^sv sv; ~*^sv sv;
@ -130,7 +132,7 @@ http {
~*^uk uk; ~*^uk uk;
~*^vi vi; ~*^vi vi;
~*^zh zh; ~*^zh zh;
~*^ru ru; ~*^hi hi;
} }
server { server {

27
production/nginx-mempool.conf
View File

@ -2,9 +2,13 @@
index index.html; index index.html;
# tor onion redirect
add_header Onion-Location http://mempoolhqx4isw62xs7abwphsq7ldayuidyx2v2oethdhhj6mlo2r6ad.onion$request_uri; add_header Onion-Location http://mempoolhqx4isw62xs7abwphsq7ldayuidyx2v2oethdhhj6mlo2r6ad.onion$request_uri;
# HSTS preload enable
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
# generate frame configuration from origin header
set $frameOptions "DENY"; set $frameOptions "DENY";
set $contentSecurityPolicy "frame-ancestors 'none'"; set $contentSecurityPolicy "frame-ancestors 'none'";
if ($http_referer ~ ^https://mempool.space/) if ($http_referer ~ ^https://mempool.space/)
@ -17,47 +21,44 @@
set $frameOptions "ALLOW-FROM https://mempool.ninja"; set $frameOptions "ALLOW-FROM https://mempool.ninja";
set $contentSecurityPolicy "frame-ancestors https://mempool.ninja"; set $contentSecurityPolicy "frame-ancestors https://mempool.ninja";
} }
if ($http_referer ~ ^https://node100.bitcoin.wiz.biz/)
{
set $frameOptions "ALLOW-FROM https://node100.bitcoin.wiz.biz";
set $contentSecurityPolicy "frame-ancestors https://node100.bitcoin.wiz.biz";
}
if ($http_referer ~ ^https://wiz.biz/) if ($http_referer ~ ^https://wiz.biz/)
{ {
set $frameOptions "ALLOW-FROM https://wiz.biz"; set $frameOptions "ALLOW-FROM https://wiz.biz";
set $contentSecurityPolicy "frame-ancestors https://wiz.biz"; set $contentSecurityPolicy "frame-ancestors https://wiz.biz";
} }
# restrict usage of frames
add_header X-Frame-Options $frameOptions; add_header X-Frame-Options $frameOptions;
add_header Content-Security-Policy $contentSecurityPolicy; add_header Content-Security-Policy $contentSecurityPolicy;
# enable browser and proxy caching
add_header Cache-Control "public, no-transform";
# vary cache if user changes language preference
add_header Vary Accept-Language;
add_header Vary Cookie;
# fallback for all URLs i.e. /address/foo /tx/foo /block/000 # fallback for all URLs i.e. /address/foo /tx/foo /block/000
location / { location / {
try_files /$lang/$uri /$lang/$uri/ $uri $uri/ /en-US/$uri @index-redirect; try_files /$lang/$uri /$lang/$uri/ $uri $uri/ /en-US/$uri @index-redirect;
add_header Cache-Control "public, no-transform";
add_header Vary Cookie;
expires 10m; expires 10m;
} }
location /resources { location /resources {
try_files /$lang/$uri /$lang/$uri/ $uri $uri/ /en-US/$uri @index-redirect; try_files /$lang/$uri /$lang/$uri/ $uri $uri/ /en-US/$uri @index-redirect;
add_header Cache-Control "public, no-transform";
add_header Vary Cookie;
expires 1h; expires 1h;
} }
location @index-redirect { location @index-redirect {
add_header Vary Cookie;
rewrite (.*) /$lang/index.html; rewrite (.*) /$lang/index.html;
} }
# location block using regex are matched in order # location block using regex are matched in order
# used to rewrite resources from /<lang>/ to /en-US/ # used to rewrite resources from /<lang>/ to /en-US/
location ~ ^/(ar|bg|bs|ca|cs|da|de|et|el|es|eo|eu|fa|fr|gl|ko|hr|id|it|he|ka|lv|lt|hu|mk|ms|nl|ja|ka|no|nb|nn|pl|pt|pt-BR|ro|ru|sk|sl|sr|sh|fi|sv|th|tr|uk|vi|zh)/resources/ { location ~ ^/(ar|bg|bs|ca|cs|da|de|et|el|es|eo|eu|fa|fr|gl|ko|hr|id|it|he|ka|lv|lt|hu|mk|ms|nl|ja|nb|nn|pl|pt|pt-BR|ro|ru|sk|sl|sr|sh|fi|sv|th|tr|uk|vi|zh|hi)/resources/ {
rewrite ^/[a-zA-Z-]*/resources/(.*) /en-US/resources/$1; rewrite ^/[a-zA-Z-]*/resources/(.*) /en-US/resources/$1;
} }
# used for cookie override # used for cookie override
location ~ ^/(ar|bg|bs|ca|cs|da|de|et|el|es|eo|eu|fa|fr|gl|ko|hr|id|it|he|ka|lv|lt|hu|mk|ms|nl|ja|ka|no|nb|nn|pl|pt|pt-BR|ro|ru|sk|sl|sr|sh|fi|sv|th|tr|uk|vi|zh)/ { location ~ ^/(ar|bg|bs|ca|cs|da|de|et|el|es|eo|eu|fa|fr|gl|ko|hr|id|it|he|ka|lv|lt|hu|mk|ms|nl|ja|nb|nn|pl|pt|pt-BR|ro|ru|sk|sl|sr|sh|fi|sv|th|tr|uk|vi|zh|hi)/ {
add_header Vary Cookie;
try_files $uri $uri/ /$1/index.html =404; try_files $uri $uri/ /$1/index.html =404;
} }

6
production/nginx.conf
View File

@ -104,6 +104,7 @@ http {
~*^nb nb; ~*^nb nb;
~*^pl pl; ~*^pl pl;
~*^pt pt; ~*^pt pt;
~*^ru ru;
~*^sl sl; ~*^sl sl;
~*^fi fi; ~*^fi fi;
~*^sv sv; ~*^sv sv;
@ -111,7 +112,7 @@ http {
~*^uk uk; ~*^uk uk;
~*^vi vi; ~*^vi vi;
~*^zh zh; ~*^zh zh;
~*^ru ru; ~*^hi hi;
} }
map $cookie_lang $lang { map $cookie_lang $lang {
@ -134,6 +135,7 @@ http {
~*^nb nb; ~*^nb nb;
~*^pl pl; ~*^pl pl;
~*^pt pt; ~*^pt pt;
~*^ru ru;
~*^sl sl; ~*^sl sl;
~*^fi fi; ~*^fi fi;
~*^sv sv; ~*^sv sv;
@ -141,7 +143,7 @@ http {
~*^uk uk; ~*^uk uk;
~*^vi vi; ~*^vi vi;
~*^zh zh; ~*^zh zh;
~*^ru ru; ~*^hi hi;
} }
upstream electrs-mainnet { upstream electrs-mainnet {