avm/hassio-addons
1
0
Fork 0
mirror of https://github.com/alexbelgium/hassio-addons.git synced 2026-02-02 09:57:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
Alexandre
2026-01-31 20:57:59 +01:00
committed by GitHub
parent 1fd9439fc7
commit fe8da75816
1 changed files with 0 additions and 107 deletions
Download Patch File Download Diff File Expand all files Collapse all files

107
birdnet-pipy/rootfs/etc/nginx/servers/nginx.conf
View File

@@ -1,107 +0,0 @@
server {
listen 80;
server_name localhost;
root /usr/share/nginx/html;
index index.html;
# Gzip compression
gzip on;
gzip_vary on;
gzip_min_length 1024;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml text/javascript application/javascript application/xml+rss application/json;
# Security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
# Allow large file uploads (for database migration)
client_max_body_size 500M;
# API proxy - forward /api/ requests to API server
# IMPORTANT: ^~ modifier prevents regex matches (like .png) from taking precedence
location ^~ /api/ {
proxy_pass http://api:5002;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
# Longer timeouts for migration imports
proxy_read_timeout 300s;
proxy_send_timeout 300s;
}
# Internal auth verification endpoint (for nginx auth_request)
location = /internal/auth {
internal;
proxy_pass http://api:5002/api/auth/verify;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
proxy_set_header X-Original-URI $request_uri;
proxy_set_header Cookie $http_cookie;
}
# Auth error handler - returns JSON for API clients
location @stream_unauthorized {
default_type application/json;
return 401 '{"error": "Authentication required"}';
}
# Icecast audio stream proxy - forward /stream/ requests to Icecast server
# Protected by authentication when enabled
location ^~ /stream/ {
auth_request /internal/auth;
error_page 401 = @stream_unauthorized;
proxy_pass http://icecast:8888/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Streaming-specific settings
proxy_buffering off;
proxy_read_timeout 3600s;
proxy_send_timeout 3600s;
}
# Handle static assets with long cache times
# Note: /api/ routes are handled above, so this only affects local static files
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
expires 1y;
add_header Cache-Control "public, immutable";
try_files $uri =404;
}
location = / {
return 302 /birdnet/;
}
location = /birdnet {
return 301 /birdnet/;
}
# Handle Vue.js SPA routing - serve index.html for all routes that don't match static files
location /birdnet/ {
try_files $uri $uri/ /birdnet/index.html;
}
# Socket.IO WebSocket proxy - forward /socket.io/ requests to API server
location /socket.io/ {
proxy_pass http://api:5002/socket.io/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_cache_bypass $http_upgrade;
}
# Error pages
error_page 404 /birdnet/index.html;
error_page 500 502 503 504 /birdnet/index.html;
}