Our Personal Data Server from scratch!
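# Reverse-proxy configuration: terminates TLS on :443, redirects :80 to HTTPS,
# and forwards requests to two local upstreams (127.0.0.1:3000 and
# 127.0.0.1:8080 -- presumably the API server and the web frontend; confirm).
worker_processes auto;
error_log /var/log/nginx/error.log warn;

events {
    worker_connections 4096;
}

http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;
    access_log /var/log/nginx/access.log;

    # Do not advertise the nginx version in the Server header or on error pages.
    server_tokens off;

    sendfile on;
    keepalive_timeout 65;

    gzip on;
    gzip_types text/plain text/css application/json application/javascript text/xml application/xml;

    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers off;
    ssl_session_cache shared:SSL:10m;
    # NOTE(review): OCSP stapling needs a `resolver` directive to look up the
    # responder's hostname, and ssl_stapling_verify needs the issuer chain via
    # ssl_trusted_certificate. Neither is set in this file, so confirm in
    # error_log that stapling is actually taking effect.
    ssl_stapling on;
    ssl_stapling_verify on;

    # Send "Connection: upgrade" upstream only when the client asked for a
    # protocol upgrade (WebSocket); ordinary requests get "Connection: close".
    map $http_upgrade $connection_upgrade {
        default upgrade;
        ''      close;
    }

    # Plain-HTTP listener: serves ACME HTTP-01 challenge files and redirects
    # everything else to HTTPS.
    server {
        listen 80;
        listen [::]:80;
        server_name _;

        location /.well-known/acme-challenge/ {
            root /var/www/acme;
        }

        location / {
            # $host comes from the client's request line or Host header, so the
            # redirect target follows whatever hostname the client sent.
            return 301 https://$host$request_uri;
        }
    }

    # HTTPS listener. It is the only server block on :443 in this file, so it
    # answers for any Host value a client sends.
    # NOTE(review): if the set of served hostnames is known, list them in
    # server_name (e.g. <PDS_DOMAIN> and *.<PDS_DOMAIN> -- placeholders) and add
    # a default server that rejects other hosts, because $host is forwarded to
    # the upstreams and substituted into the OAuth client metadata below.
    # NOTE(review): every request on :80 is redirected here; consider sending a
    # Strict-Transport-Security header once the deployment is committed to
    # HTTPS-only.
    server {
        listen 443 ssl;
        listen [::]:443 ssl;
        http2 on;
        server_name _;

        ssl_certificate /etc/nginx/certs/fullchain.pem;
        ssl_certificate_key /etc/nginx/certs/privkey.pem;

        # The 10G limit applies to every location in this server. Only /xrpc/
        # turns request buffering off; elsewhere nginx buffers large request
        # bodies to temporary files before proxying.
        # NOTE(review): if large uploads only arrive under /xrpc/, move this
        # limit into that location so other paths keep a small cap -- confirm
        # against the application.
        client_max_body_size 10G;

        # In the locations below, X-Real-IP carries the address nginx saw.
        # $proxy_add_x_forwarded_for appends that address to whatever
        # X-Forwarded-For the client supplied, so the upstream must not trust
        # the left-most entry for rate limiting or audit logging.

        location /xrpc/ {
            proxy_pass http://127.0.0.1:3000;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection $connection_upgrade;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            # 24-hour timeouts, presumably for long-lived streaming connections.
            # They also apply to ordinary requests under /xrpc/, so an idle
            # client can hold a connection for that long.
            proxy_read_timeout 86400;
            proxy_send_timeout 86400;
            # Stream both directions instead of buffering in nginx.
            proxy_buffering off;
            proxy_request_buffering off;
        }

        location = /oauth/client-metadata.json {
            proxy_pass http://127.0.0.1:8080;
            proxy_http_version 1.1;
            proxy_set_header Host $host;
            # Ask the upstream for an uncompressed body so sub_filter can
            # rewrite it.
            proxy_set_header Accept-Encoding "";
            sub_filter_once off;
            sub_filter_types application/json;
            # The placeholder is replaced with the client-supplied hostname;
            # see the server_name note above.
            sub_filter '__PDS_HOSTNAME__' $host;
        }

        location /oauth/ {
            proxy_pass http://127.0.0.1:3000;
            proxy_http_version 1.1;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_read_timeout 300;
            proxy_send_timeout 300;
        }

        location /.well-known/ {
            proxy_pass http://127.0.0.1:3000;
            proxy_http_version 1.1;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        }

        location = /metrics {
            # NOTE(review): as written this endpoint is reachable by any client
            # on the internet. Unless the upstream authenticates it, restrict it
            # to the monitoring host, for example:
            #   allow <SCRAPER_ADDRESS>;   # placeholder
            #   deny all;
            proxy_pass http://127.0.0.1:3000;
            proxy_http_version 1.1;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        }

        location = /health {
            proxy_pass http://127.0.0.1:3000;
            proxy_http_version 1.1;
            proxy_set_header Host $host;
        }

        location = /robots.txt {
            proxy_pass http://127.0.0.1:3000;
            proxy_http_version 1.1;
            proxy_set_header Host $host;
        }

        location = /logo {
            proxy_pass http://127.0.0.1:3000;
            proxy_http_version 1.1;
            proxy_set_header Host $host;
        }

        # /u/<name>/did.json, where <name> is a single path segment.
        location ~ ^/u/[^/]+/did\.json$ {
            proxy_pass http://127.0.0.1:3000;
            proxy_http_version 1.1;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        }

        # Everything not matched above goes to the second upstream.
        location / {
            proxy_pass http://127.0.0.1:8080;
            proxy_http_version 1.1;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        }
    }
}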