core/nginx.conf.sigil

{{ $proxy_settings := "proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Request-Start $msec;" }}

{{ range $port_map := .PROXY_PORT_MAP | split " " }}
{{ $port_map_list := $port_map | split ":" }}
{{ $scheme := index $port_map_list 0 }}
{{ $listen_port := index $port_map_list 1 }}
{{ $upstream_port := index $port_map_list 2 }}

server {
    {{ if eq $scheme "http" }}
        listen [::]:{{ $listen_port }};
        listen {{ $listen_port }};
        server_name {{ $.NOSSL_SERVER_NAME }};

        # Redirect HTTP to HTTPS
        return 301 https://$server_name$request_uri;

    {{ else if eq $scheme "https" }}
        listen [::]:{{ $listen_port }} ssl http2;
        listen {{ $listen_port }} ssl http2;
        server_name {{ $.NOSSL_SERVER_NAME }};

        # SSL конфигурация (dokku дефолты)
        ssl_certificate {{ $.APP_SSL_PATH }}/server.crt;
        ssl_certificate_key {{ $.APP_SSL_PATH }}/server.key;

        # Базовые заголовки безопасности
        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
        add_header X-Frame-Options "SAMEORIGIN" always;
        add_header X-Content-Type-Options "nosniff" always;

        # Скрыть версию nginx
        server_tokens off;
    {{ end }}

    # Логирование (dokku дефолты)
    access_log /var/log/nginx/{{ $.APP }}-access.log;
    error_log /var/log/nginx/{{ $.APP }}-error.log;

    # Размер загружаемых файлов
    client_max_body_size 100M;

    # Улучшенное сжатие
    gzip on;
    gzip_vary on;
    gzip_min_length 1000;
    gzip_comp_level 6;
    gzip_types text/plain text/css text/xml text/javascript application/javascript application/json image/svg+xml;

    location / {
        proxy_pass http://{{ $.APP }}-{{ $upstream_port }};
        {{ $proxy_settings }}
    }

    # Статические файлы с долгим кэшированием
    location ~* \.(css|js|ico|png|jpg|jpeg|gif|svg|webp|woff|woff2|ttf|eot)$ {
        proxy_pass http://{{ $.APP }}-{{ $upstream_port }};
        {{ $proxy_settings }}

        expires 1y;
        add_header Cache-Control "public, immutable";
        add_header Vary "Accept-Encoding";
        access_log off;
    }

    # Включение дополнительных конфигураций dokku
    include {{ $.DOKKU_ROOT }}/{{ $.APP }}/nginx.conf.d/*.conf;
}
{{ end }}

{{ range $upstream_port := $.PROXY_UPSTREAM_PORTS | split " " }}
upstream {{ $.APP }}-{{ $upstream_port }} {
{{ range $listeners := $.DOKKU_APP_WEB_LISTENERS | split " " }}
{{ $listener_list := $listeners | split ":" }}
{{ $listener_ip := index $listener_list 0 }}
{{ $listener_port := index $listener_list 1 }}
    server {{ $listener_ip }}:{{ $upstream_port }};
{{ end }}
}
{{ end }}
-												nginx-simpler

											
										
										
											2025-06-02 21:50:39 +00:00
+								{{ $proxy_settings := "proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $http_connection; proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Port $server_port; proxy_set_header X-Request-Start $msec;" }}
-												feat: nginx with cach, keepalive, proxy_read, users_from_one_ip, workers

											
										
										
											2024-04-07 16:39:37 +00:00
-												new-sigi

											
										
										
											2023-10-09 20:47:18 +00:00
+								{{ range $port_map := .PROXY_PORT_MAP | split " " }}
-												following-error-fix

											
										
										
											2024-03-13 12:35:49 +00:00
+								{{ $port_map_list := $port_map | split ":" }}
 								{{ $scheme := index $port_map_list 0 }}
 								{{ $listen_port := index $port_map_list 1 }}
 								{{ $upstream_port := index $port_map_list 2 }}
-												new-sigi

											
										
										
											2023-10-09 20:47:18 +00:00
 								server {
 								    {{ if eq $scheme "http" }}
-												feat: sigil with logs and reguest methods

											
										
										
											2023-10-10 10:48:33 +00:00
+								        listen [::]:{{ $listen_port }};
-												new-sigi

											
										
										
											2023-10-09 20:47:18 +00:00
+								        listen {{ $listen_port }};
 								        server_name {{ $.NOSSL_SERVER_NAME }};
-												nginx-simpler

											
										
										
											2025-06-02 21:50:39 +00:00
 								        # Redirect HTTP to HTTPS
 								        return 301 https://$server_name$request_uri;
-												debug: Sigil back to map with only discours.io domain

											
										
										
											2024-12-20 17:35:59 +00:00
-												new-sigi

											
										
										
											2023-10-09 20:47:18 +00:00
+								    {{ else if eq $scheme "https" }}
-												feat: sigil with logs and reguest methods

											
										
										
											2023-10-10 10:48:33 +00:00
+								        listen [::]:{{ $listen_port }} ssl http2;
-												new-sigi

											
										
										
											2023-10-09 20:47:18 +00:00
+								        listen {{ $listen_port }} ssl http2;
 								        server_name {{ $.NOSSL_SERVER_NAME }};
-												nginx-simpler

											
										
										
											2025-06-02 21:50:39 +00:00
-												nginx-fix

											
										
										
											2025-06-02 22:45:06 +00:00
+								        # SSL конфигурация (dokku дефолты)
-												new-sigi

											
										
										
											2023-10-09 20:47:18 +00:00
+								        ssl_certificate {{ $.APP_SSL_PATH }}/server.crt;
 								        ssl_certificate_key {{ $.APP_SSL_PATH }}/server.key;
-												nginx-simpler

											
										
										
											2025-06-02 21:50:39 +00:00
 								        # Базовые заголовки безопасности
 								        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
 								        add_header X-Frame-Options "SAMEORIGIN" always;
 								        add_header X-Content-Type-Options "nosniff" always;
 								        # Скрыть версию nginx
 								        server_tokens off;
-												new-sigi

											
										
										
											2023-10-09 20:47:18 +00:00
+								    {{ end }}
-												nginx-simpler

											
										
										
											2025-06-02 21:50:39 +00:00
+								    # Логирование (dokku дефолты)
 								    access_log /var/log/nginx/{{ $.APP }}-access.log;
 								    error_log /var/log/nginx/{{ $.APP }}-error.log;
 								    # Размер загружаемых файлов
 								    client_max_body_size 100M;
 								    # Улучшенное сжатие
 								    gzip on;
 								    gzip_vary on;
 								    gzip_min_length 1000;
 								    gzip_comp_level 6;
 								    gzip_types text/plain text/css text/xml text/javascript application/javascript application/json image/svg+xml;
-												debug: Sigil back to map with only discours.io domain

											
										
										
											2024-12-20 17:35:59 +00:00
-												corsfix6

											
										
										
											2024-12-17 17:14:01 +00:00
+								    location / {
-												debug: rewrite nginx file to use it without variables logic

											
										
										
											2025-01-28 22:23:02 +00:00
+								        proxy_pass http://{{ $.APP }}-{{ $upstream_port }};
-												corsfix6

											
										
										
											2024-12-17 17:14:01 +00:00
+								        {{ $proxy_settings }}
-												new-sigi

											
										
										
											2023-10-09 20:47:18 +00:00
+								    }
-												nginx-simpler

											
										
										
											2025-06-02 21:50:39 +00:00
+								    # Статические файлы с долгим кэшированием
 								    location ~* \.(css|js|ico|png|jpg|jpeg|gif|svg|webp|woff|woff2|ttf|eot)$ {
 								        proxy_pass http://{{ $.APP }}-{{ $upstream_port }};
 								        {{ $proxy_settings }}
-												feat: sigil with logs and reguest methods

											
										
										
											2023-10-10 10:52:43 +00:00
-												nginx-simpler

											
										
										
											2025-06-02 21:50:39 +00:00
+								        expires 1y;
 								        add_header Cache-Control "public, immutable";
 								        add_header Vary "Accept-Encoding";
 								        access_log off;
-												feat: Cors with mp3 and clean up basura

											
										
										
											2024-02-27 09:05:01 +00:00
+								    }
-												nginx-simpler

											
										
										
											2025-06-02 21:50:39 +00:00
+								    # Включение дополнительных конфигураций dokku
 								    include {{ $.DOKKU_ROOT }}/{{ $.APP }}/nginx.conf.d/*.conf;
-												new-sigi

											
										
										
											2023-10-09 20:47:18 +00:00
+								}
 								{{ end }}
 								{{ range $upstream_port := $.PROXY_UPSTREAM_PORTS | split " " }}
 								upstream {{ $.APP }}-{{ $upstream_port }} {
-												feat: sigil with logs and reguest methods

											
										
										
											2023-10-10 10:48:33 +00:00
+								{{ range $listeners := $.DOKKU_APP_WEB_LISTENERS | split " " }}
 								{{ $listener_list := $listeners | split ":" }}
 								{{ $listener_ip := index $listener_list 0 }}
 								{{ $listener_port := index $listener_list 1 }}
-												nginx-simpler

											
										
										
											2025-06-02 21:50:39 +00:00
+								    server {{ $listener_ip }}:{{ $upstream_port }};
-												new-sigi

											
										
										
											2023-10-09 20:47:18 +00:00
+								{{ end }}
-												feat: sigil with logs and reguest methods

											
										
										
											2023-10-10 10:48:33 +00:00
+								}
-												no-gateway-sigil

											
										
										
											2024-01-11 16:52:10 +00:00
+								{{ end }}