FROM nginx
COPY --from=0 /build/output/ /usr/share/nginx/html/
+COPY conf/nginx.conf /etc/nginx/nginx.conf
+COPY conf/default.conf /etc/nginx/conf.d/default.conf
--- /dev/null
+server {
+ listen 80;
+ server_name localhost;
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+ add_header Content-Security-Policy "default-src 'self'; script-src 'self'; img-src 'self' data: https://i.creativecommons.org https://licensebuttons.net https://letters.vexingworkshop.com; style-src 'self' 'unsafe-inline' https://letters.vexingworkshop.com; font-src 'self' data: https://letters.vexingworkshop.com; frame-src 'self'; connect-src 'self'; object-src 'none' ";
+ add_header X-Frame-Options deny;
+ add_header X-Content-Type-Options "nosniff" always;
+
+ location / {
+ root /usr/share/nginx/html;
+ index index.html index.htm;
+ }
+
+ #error_page 404 /404.html;
+
+ # redirect server error pages to the static page /50x.html
+ #
+ error_page 500 502 503 504 /50x.html;
+ location = /50x.html {
+ root /usr/share/nginx/html;
+ }
+}
+
--- /dev/null
+
+user nginx;
+worker_processes 1;
+
+error_log /var/log/nginx/error.log warn;
+pid /var/run/nginx.pid;
+
+
+events {
+ worker_connections 1024;
+}
+
+
+http {
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+
+ access_log /var/log/nginx/access.log main;
+
+ sendfile on;
+ #tcp_nopush on;
+
+ keepalive_timeout 65;
+
+ #gzip on;
+
+ include /etc/nginx/conf.d/*.conf;
+}
projects / letters.git / commitdiff