Unfloyded/Legamunt
0
0
Fork 0
Code Activity

Add (commented) volume in docker-compose && Mitigating the HTTPoxy Vulnerability (#1253)

Browse source 
* enable commented volume in docker-compose.yml

* Disable unworking Nginx root directory && Mitigating the HTTPoxy Vulnerability

* add my instance to the list

* enable GZIP on nginx.conf

* readd root /home/mastodon/live/public;
This commit is contained in:
Valentin Ouvrard 2017-04-12 01:04:56 +11:00 committed by Eugen
parent c35bda0551
commit b723ee73fc
3 changed files with 24 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

14
docs/Running-Mastodon/Production-guide.md
View file

@ -34,10 +34,19 @@ server {
keepalive_timeout 70;
sendfile on;
client_max_body_size 0;
gzip off;
root /home/mastodon/live/public;
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
location / {
@ -49,7 +58,7 @@ server {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Proxy "";
proxy_pass_header Server;
proxy_pass http://localhost:3000;
@ -67,6 +76,7 @@ server {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Proxy "";
proxy_pass http://localhost:4000;
proxy_buffering off;