# nginx configuration for MeshCore Stats static site # This file is used by the nginx container in docker-compose.yml server { listen 8080; server_name _; root /usr/share/nginx/html; index day.html index.html; # UTF-8 charset for all text files charset utf-8; charset_types text/plain text/css text/javascript application/json image/svg+xml; # Gzip compression gzip on; gzip_vary on; gzip_min_length 1024; gzip_types text/plain text/css text/javascript application/json image/svg+xml; # Security headers add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Content-Type-Options "nosniff" always; add_header Referrer-Policy "strict-origin-when-cross-origin" always; # HTML, JSON, TXT files - no cache (frequently updated) location ~* \.(html|json|txt)$ { add_header Cache-Control "no-cache, no-store, must-revalidate" always; add_header Pragma "no-cache" always; add_header Expires "0" always; # Re-add security headers (add_header in location blocks replaces parent) add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Content-Type-Options "nosniff" always; add_header Referrer-Policy "strict-origin-when-cross-origin" always; } # PNG files - no cache (charts are regenerated frequently) location ~* \.png$ { add_header Cache-Control "no-cache, no-store, must-revalidate" always; add_header Pragma "no-cache" always; add_header Expires "0" always; add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Content-Type-Options "nosniff" always; add_header Referrer-Policy "strict-origin-when-cross-origin" always; } # CSS, JS, SVG files - short cache (5 minutes) location ~* \.(css|js|svg)$ { expires 5m; add_header Cache-Control "public, max-age=300" always; add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Content-Type-Options "nosniff" always; add_header Referrer-Policy "strict-origin-when-cross-origin" always; } # Default location location / { try_files $uri $uri/ =404; } # Health check endpoint location /health { access_log off; return 200 "OK\n"; add_header Content-Type text/plain; } }