#=========================================================================# # Default Web Domain Template # # DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS # # https://docs.hestiacp.com/admin_docs/web.html#how-do-web-templates-work # #=========================================================================# proxy_cache_path /tmp/nginx-cache-instance-media levels=1:2 keys_zone=s3_cache:10m max_size=10g inactive=48h use_temp_path=off; server { listen %ip%:%proxy_ssl_port% ssl http2; server_name %domain_idn% %alias_idn%; ssl_certificate %ssl_pem%; ssl_certificate_key %ssl_key%; ssl_stapling on; ssl_stapling_verify on; error_log /var/log/%web_system%/domains/%domain%.error.log error; include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*; root /home/mastodon/public/system; set $s3_backend 'https://bucket-name.s3.nl-ams.scw.cloud'; keepalive_timeout 30; location = / { index index.html; } location / { try_files $uri @s3; } location @s3 { limit_except GET { deny all; } #resolver 9.9.9.9; proxy_set_header Host 'bucket-name.s3.nl-ams.scw.cloud'; proxy_set_header Connection ''; proxy_set_header Authorization ''; proxy_hide_header Set-Cookie; proxy_hide_header 'Access-Control-Allow-Origin'; proxy_hide_header 'Access-Control-Allow-Methods'; proxy_hide_header 'Access-Control-Allow-Headers'; proxy_hide_header x-amz-id-2; proxy_hide_header x-amz-request-id; proxy_hide_header x-amz-meta-server-side-encryption; proxy_hide_header x-amz-server-side-encryption; proxy_hide_header x-amz-bucket-region; proxy_hide_header x-amzn-requestid; proxy_ignore_headers Set-Cookie; proxy_pass $s3_backend$uri; proxy_intercept_errors off; proxy_cache s3_cache; proxy_cache_valid 200 304 48h; proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504; proxy_cache_lock on; proxy_cache_revalidate on; expires 1y; add_header Cache-Control public; add_header 'Access-Control-Allow-Origin' '*'; add_header X-Cache-Status $upstream_cache_status; } include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*; }