worker_processes 1; user nginx; error_log /dev/stderr warn; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr -> $request [$status] - ' 'referer: $http_referer $http_x_forwarded_for'; access_log /dev/stdout main; server_tokens off; keepalive_timeout 65; upstream backend { server __BACKEND__:6666; } server { listen 80 default_server; location ~ ^/api$ { return 302 /api/; } location ~ ^/api/(.*)$ { tcp_nodelay on; add_header 'Access-Control-Allow-Origin' '*'; if ($request_method = 'OPTIONS') { add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS'; add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Type'; return 200; } client_max_body_size 1073741824; gzip on; gzip_comp_level 3; gzip_min_length 20; gzip_proxied expired no-cache no-store private auth; gzip_types text/plain application/json; if ($request_uri ~* "/api/(.*)") { proxy_pass http://backend/$1; } error_page 500 502 503 504 @badproxy; } location /data/ { rewrite ^/data/(.*) /$1 break; root /data; sendfile on; tcp_nopush on; tcp_nodelay on; error_page 403 @unauthorized; error_page 404 @notfound; } location / { root /var/www; try_files $uri /index.htm; sendfile on; tcp_nopush on; tcp_nodelay on; gzip_static on; gzip_proxied expired no-cache no-store private auth; } location @unauthorized { return 403 "Unauthorized"; default_type text/plain; } location @notfound { return 404 "Not Found"; default_type text/plain; } location @badproxy { return 502 "Failed to connect to szurubooru REST API"; default_type text/plain; } } } daemon off;