nginx-rp: Update headers

This commit is contained in:
Viyurz 2023-11-23 07:58:51 +00:00
parent 8b7e1fa475
commit efc9f117f9
No known key found for this signature in database

View file

@ -23,7 +23,7 @@ http {
default_type application/octet-stream; default_type application/octet-stream;
# Logging # Logging
log_not_found on; # log_not_found on;
# access_log /var/log/nginx/access.log; # access_log /var/log/nginx/access.log;
# error_log /var/log/nginx/error.log warn; # error_log /var/log/nginx/error.log warn;
@ -68,10 +68,6 @@ http {
proxy_set_header X-Forwarded-Scheme $scheme; proxy_set_header X-Forwarded-Scheme $scheme;
proxy_set_header Accept-Encoding ""; proxy_set_header Accept-Encoding "";
# Websocket
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
# The `upstream` directives ensure that you have a http/1.1 connection # The `upstream` directives ensure that you have a http/1.1 connection
# This enables the keepalive option and better performance # This enables the keepalive option and better performance
@ -134,6 +130,11 @@ http {
proxy_pass http://127.0.0.1:11000; proxy_pass http://127.0.0.1:11000;
add_header Set-Cookie "Path=/; HttpOnly; Secure"; add_header Set-Cookie "Path=/; HttpOnly; Secure";
# Websocket
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
client_body_buffer_size 512k; client_body_buffer_size 512k;
proxy_read_timeout 86400s; proxy_read_timeout 86400s;
@ -151,6 +152,11 @@ http {
location / { location / {
proxy_pass http://vaultwarden-default; proxy_pass http://vaultwarden-default;
# Websocket
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
client_max_body_size 525M; client_max_body_size 525M;
} }
@ -166,6 +172,11 @@ http {
location / { location / {
proxy_pass http://127.0.0.1:8083; proxy_pass http://127.0.0.1:8083;
add_header Strict-Transport-Security "max-age=31536000" always;
add_header Set-Cookie "Path=/; HttpOnly; Secure";
# Disable some features
add_header Permissions-Policy "accelerometer=(),ambient-light-sensor=(),autoplay=(),camera=(),encrypted-media=(),focus-without-user-activation=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),speaker=(),sync-xhr=(),usb=(),vr=()";
} }
} }