mirrors/mattermost-docker
1
0
Fork 1
mirror of https://github.com/mattermost/docker.git synced 2024-10-18 10:45:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

move some settings around

Browse Source
This commit is contained in:
Marco Kundt 2021-04-20 19:26:34 +02:00
parent 794c3d2f67
commit 255de3fc3f
1 changed files with 13 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
nginx/mattermost.conf
View File

@ -28,10 +28,21 @@ server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
# logging
access_log /var/log/nginx/mm.access.log;
error_log /var/log/nginx/mm.error.log warn;
# gzip for performance
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml;
## ssl
ssl_dhparam /dhparams4096.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m; # about 40000 sessions
ssl_session_cache shared:MozSSL:10m;
ssl_session_tickets off;
# intermediate configuration
@ -57,21 +68,7 @@ server {
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
# logging
access_log /var/log/nginx/mm.access.log;
error_log /var/log/nginx/mm.error.log warn;
# max allowed size of uploaded files
client_max_body_size 256M;
# gzip for performance
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml;
add_header Strict-Transport-Security "max-age=63072000" always;
## locations
# ACME-challenge
@ -87,7 +84,6 @@ server {
return 200 "User-agent: *\nDisallow: /\n";
}
# API websocket location
location ~ /api/v[0-9]+/(users/)?websocket$ {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
@ -108,7 +104,6 @@ server {
proxy_pass http://backend;
}
# reverse proxy location
location / {
client_max_body_size 50M;
proxy_set_header Connection "";