DTSV/Ansible
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Add .wasm file extension for javascript

Browse Source
This commit is contained in:
Oli
2024-03-01 07:18:18 +00:00
parent acc4a64622
commit e5da9c9c54
1 changed files with 21 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
roles/webserver/templates/conf.d/cloud.conf.j2
View File

@@ -7,15 +7,18 @@ upstream nextcloud-notify-push {
# Set the `immutable` cache control options only for assets with a cache busting `v` argument # Set the `immutable` cache control options only for assets with a cache busting `v` argument
map $arg_v $asset_immutable { map $arg_v $asset_immutable {
"" ""; "" "";
default "immutable"; default ", immutable";
} }
server { server {
listen 80; listen 80;
listen [::]:80; listen [::]:80;
server_name {{ nextcloud_domain_name }} www.{{ nextcloud_domain_name }}; server_name {{ nextcloud_domain_name }} www.{{ nextcloud_domain_name }};
# enforce https
# Prevent nginx HTTP Server Detection
server_tokens off;
# Enforce HTTPS
return 301 https://$server_name$request_uri; return 301 https://$server_name$request_uri;
} }
@@ -32,6 +35,9 @@ server {
# Path to the root of your installation # Path to the root of your installation
root {{ nextcloud_dir }}; root {{ nextcloud_dir }};
# Prevent nginx HTTP Server Detection
server_tokens off;
# HSTS settings # HSTS settings
# WARNING: Only add the preload option once you read about # WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option # the consequences in https://hstspreload.org/. This option
@@ -70,20 +76,17 @@ server {
add_header X-Robots-Tag "noindex, nofollow" always; add_header X-Robots-Tag "noindex, nofollow" always;
add_header X-XSS-Protection "1; mode=block" always; add_header X-XSS-Protection "1; mode=block" always;
# Add Alt-Svc header to negotiate HTTP/3.
add_header Alt-Svc 'h2=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400' always;
add_header x-quic 'h3' always;
# Remove X-Powered-By, which is an information leak # Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By; fastcgi_hide_header X-Powered-By;
# Add .mjs as a file extension for javascript # Set .mjs and .wasm MIME types
# Either include it in the default mime.types list # Either include it in the default mime.types list
# or include you can include that list explicitly and add the file extension # and include that list explicitly or add the file extension
# only for Nextcloud like below: # only for Nextcloud like below:
include mime.types; include mime.types;
types { types {
text/javascript js mjs; text/javascript js mjs;
application/wasm wasm;
} }
# Specify how to handle directories -- specifying `/index.php$request_uri` # Specify how to handle directories -- specifying `/index.php$request_uri`
@@ -165,12 +168,15 @@ server {
# Serve static files # Serve static files
location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map|ogg|flac)$ { location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map|ogg|flac)$ {
try_files $uri /index.php$request_uri; try_files $uri /index.php$request_uri;
add_header Cache-Control "public, max-age=15778463, $asset_immutable"; # HTTP response headers borrowed from Nextcloud `.htaccess`
add_header Cache-Control "public, max-age=15778463$asset_immutable";
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "noindex, nofollow" always;
add_header X-XSS-Protection "1; mode=block" always;
access_log off; # Optional: Don't log access to assets access_log off; # Optional: Don't log access to assets
location ~ \.wasm$ {
default_type application/wasm;
}
} }
location ~ \.woff2?$ { location ~ \.woff2?$ {
@@ -196,4 +202,4 @@ server {
location / { location / {
try_files $uri $uri/ /index.php$request_uri; try_files $uri $uri/ /index.php$request_uri;
} }
} }