-
-
Save xnohat/a8f5c1087cacc234e907ef78db07081d to your computer and use it in GitHub Desktop.
Thumbor Nginx Configuration That just works like magic
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| server_name cdn.example.com; | |
| listen 80; | |
| access_log /var/log/nginx/cdn.example.com-access.log; | |
| error_log /var/log/nginx/cdn.example.com-error.log info; | |
| add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive"; | |
| add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; | |
| add_header X-Frame-Options SAMEORIGIN; | |
| add_header X-Content-Type-Options nosniff; | |
| add_header X-XSS-Protection "1; mode=block"; | |
| add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0'; | |
| add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range'; | |
| add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range'; | |
| add_header 'Access-Control-Allow-Origin' '*'; | |
| add_header 'Access-Control-Allow-Credentials' 'true'; | |
| add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS'; | |
| add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With'; # THUMBOR_ALLOW_CORS | |
| gzip on; | |
| gzip_vary on; | |
| gzip_min_length 1024; | |
| gzip_proxied expired no-cache no-store private auth; | |
| gzip_types text/xml application/x-javascript text/css application/javascript application/json text/javascript text/plain application/vnd.ms-fontobject application/x-font-opentype application/x-font-truetype application/x-font-ttf application/xml font/eot font/opentype font/otf image/svg+xml image/vnd.microsoft.icon; | |
| gzip_disable "MSIE [1-6]\."; | |
| keepalive_timeout 0; | |
| merge_slashes off; | |
| location / { | |
| if ($request_method = 'OPTIONS') { | |
| add_header 'Access-Control-Allow-Origin' '*'; | |
| add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; | |
| add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range'; | |
| add_header 'Access-Control-Max-Age' 1728000; | |
| add_header 'Content-Type' 'text/plain; charset=utf-8'; | |
| add_header 'Content-Length' 0; | |
| return 204; | |
| } | |
| add_header 'Access-Control-Allow-Origin' '*'; | |
| add_header 'Access-Control-Allow-Credentials' 'true'; | |
| add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS'; | |
| add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With'; | |
| # Biar client yg pake Javascript bisa mengakses header Location | |
| add_header 'Access-Control-Expose-Headers' 'Location'; | |
| proxy_pass http://127.0.0.1:8888; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment