Brunobrno/STANDART
Template
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
c30f02ccfd79a031b1097dea230eb8d9ac4d4dfe
STANDART/frontend/nginx/nginx.conf
Brunobrno 680e8a4e56 k
2025-10-24 03:11:15 +02:00

70 lines
2.2 KiB
Nginx Configuration File
Raw Blame History

# nginx.conf
worker_processes auto;
user nginx;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
client_max_body_size 50m;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name _;
# -------------------------
# React frontend
# -------------------------
root /usr/share/nginx/html;
index index.html;
location / {
try_files $uri /index.html;
}
# # -------------------------
# # Django backend API
# # -------------------------
# # Serve Django static and media volumes mounted into the container
# location /static/ {
# alias /app/collectedstaticfiles/;
# }
# location /media/ {
# alias /app/media/;
# }
# # Same-origin proxy for API -> avoids CORS and allows cookies
# location /api {
# return 301 /api/;
# }
# location /api/ {
# proxy_pass http://backend:8000;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_http_version 1.1;
# proxy_set_header Connection "";
# proxy_buffering off;
# client_max_body_size 50m;
# }
# -------------------------
# Security headers
# -------------------------
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
add_header Referrer-Policy "strict-origin-when-cross-origin";
# Minimal, valid CSP for development
add_header Content-Security-Policy "default-src 'self'; frame-src 'self' https://www.google.com https://*.google.com https://*.google.cz; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https:; connect-src 'self' http://127.0.0.1:8000 http://localhost:8000 ws: wss:; font-src 'self' data:";
}
}
Reference in New Issue View Git Blame Copy Permalink