moments/asset/nginx/rob.tn.conf

upstream moments_api {
    server nikola.kosherinata.internal:42424 max_fails=3 fail_timeout=30s;
    keepalive 8;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name rob.tn;

    ssl_certificate     /etc/pki/tls/misc/oolon.hanzalova.internal.pem;
    ssl_certificate_key /etc/pki/tls/private/oolon.hanzalova.internal.pem;
    ssl_protocols TLSv1.3;

    root /var/www/moments;
    index index.html;

    location / {
        try_files $uri $uri/ /index.html;
        add_header Cache-Control "no-cache" always;
    }

    location ~* \.(js|css|woff2?|ttf|eot|svg|png|jpg|jpeg|gif|ico|webp|avif)$ {
        expires 30d;
        add_header Cache-Control "public, max-age=2592000, immutable";
        try_files $uri =404;
    }

    location /api/ {
        rewrite ^/api/(.*)$ /$1 break;
        proxy_pass http://moments_api;
        proxy_http_version 1.1;
        proxy_set_header Connection "";
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_read_timeout 30s;
        proxy_connect_timeout 5s;
    }

    access_log /var/log/nginx/rob.tn.access.log;
    error_log  /var/log/nginx/rob.tn.error.log;
}

server {
    listen 80;
    listen [::]:80;
    server_name rob.tn;
    return 301 https://$host$request_uri;
}