From 4774f84eb0aca76f0c48e74be7ee4477cd1f43a4 Mon Sep 17 00:00:00 2001 From: Dan Hunsaker Date: Tue, 20 Nov 2018 14:24:35 -0700 Subject: [PATCH] Update Nginx config for Nanobox apps (#9310) The Nanobox files have gotten out of sync, a touch, with what Masto needs for Nginx settings. This PR updates them accordingly. --- nanobox/nginx-local.conf | 2 +- nanobox/nginx-stream.conf.erb | 2 +- nanobox/nginx-web.conf.erb | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/nanobox/nginx-local.conf b/nanobox/nginx-local.conf index f56339cac9..c0e883603d 100644 --- a/nanobox/nginx-local.conf +++ b/nanobox/nginx-local.conf @@ -38,7 +38,7 @@ http { root /app/public; - client_max_body_size 8M; + client_max_body_size 80M; location / { try_files $uri @rails; diff --git a/nanobox/nginx-stream.conf.erb b/nanobox/nginx-stream.conf.erb index 2a047dd9f6..12bcc8ca53 100644 --- a/nanobox/nginx-stream.conf.erb +++ b/nanobox/nginx-stream.conf.erb @@ -32,7 +32,7 @@ http { listen 8080; add_header Strict-Transport-Security "max-age=31536000"; - add_header Content-Security-Policy "style-src 'self' 'unsafe-inline'; script-src 'self'; object-src 'self'; img-src data: https:; media-src data: https:; connect-src 'self' wss://<%= ENV["LOCAL_DOMAIN"] %>; upgrade-insecure-requests"; + # add_header Content-Security-Policy "style-src 'self' 'unsafe-inline'; script-src 'self'; object-src 'self'; img-src data: https:; media-src data: https:; connect-src 'self' wss://<%= ENV["LOCAL_DOMAIN"] %>; upgrade-insecure-requests"; root /app/public; diff --git a/nanobox/nginx-web.conf.erb b/nanobox/nginx-web.conf.erb index 797201eabf..d96f1bfc7a 100644 --- a/nanobox/nginx-web.conf.erb +++ b/nanobox/nginx-web.conf.erb @@ -32,11 +32,11 @@ http { listen 8080; add_header Strict-Transport-Security "max-age=31536000"; - add_header Content-Security-Policy "style-src 'self' 'unsafe-inline'; script-src 'self'; object-src 'self'; img-src data: https:; media-src data: https:; connect-src 'self' wss://<%= ENV["LOCAL_DOMAIN"] %>; upgrade-insecure-requests"; + # add_header Content-Security-Policy "style-src 'self' 'unsafe-inline'; script-src 'self'; object-src 'self'; img-src data: https:; media-src data: https:; connect-src 'self' wss://<%= ENV["LOCAL_DOMAIN"] %>; upgrade-insecure-requests"; root /app/public; - client_max_body_size 8M; + client_max_body_size 80M; location / { try_files $uri @rails;