hitanshu310
523c9d941e
- Angular 17 with standalone components - Angular Material + Tailwind CSS - OIDC authorization code flow with Authentik - Role-based access control (USER, DEVELOPER, APPROVER, ADMIN) - Dashboard with pending requests, tunnel list, and create mapping - Nginx reverse proxy to backend API - Multi-container Docker Compose setup (frontend, backend, postgres) - Environment-based configuration (local, test, prod)
41 lines
1.2 KiB
Nginx Configuration File
41 lines
1.2 KiB
Nginx Configuration File
server {
|
|
listen 80;
|
|
root /usr/share/nginx/html;
|
|
index index.html;
|
|
|
|
# Gzip compression
|
|
gzip on;
|
|
gzip_vary on;
|
|
gzip_min_length 1024;
|
|
gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml+rss application/json application/javascript;
|
|
|
|
location / {
|
|
try_files $uri $uri/ /index.html;
|
|
}
|
|
|
|
# Proxy API calls to backend
|
|
location /cloudflare/ {
|
|
proxy_pass http://app:8080/cloudflare/;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# Timeouts
|
|
proxy_connect_timeout 60s;
|
|
proxy_send_timeout 60s;
|
|
proxy_read_timeout 60s;
|
|
}
|
|
|
|
# Cache static assets
|
|
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
|
|
expires 1y;
|
|
add_header Cache-Control "public, immutable";
|
|
}
|
|
|
|
# Security headers
|
|
add_header X-Frame-Options "DENY" always;
|
|
add_header X-Content-Type-Options "nosniff" always;
|
|
add_header X-XSS-Protection "1; mode=block" always;
|
|
}
|