diff --git a/docker/devenv/Dockerfile b/docker/devenv/Dockerfile index a57957549..7cafdc7d1 100644 --- a/docker/devenv/Dockerfile +++ b/docker/devenv/Dockerfile @@ -3,10 +3,10 @@ LABEL maintainer="Andrey Antukh " ARG DEBIAN_FRONTEND=noninteractive -ENV NODE_VERSION=v18.16.1 \ +ENV NODE_VERSION=v18.17.1 \ CLOJURE_VERSION=1.11.1.1347 \ - CLJKONDO_VERSION=2023.05.26 \ - BABASHKA_VERSION=1.3.181 \ + CLJKONDO_VERSION=2023.07.13 \ + BABASHKA_VERSION=1.3.184 \ LANG=en_US.UTF-8 \ LC_ALL=en_US.UTF-8 diff --git a/docker/devenv/files/nginx.conf b/docker/devenv/files/nginx.conf index ec9051d09..175f7f2cf 100644 --- a/docker/devenv/files/nginx.conf +++ b/docker/devenv/files/nginx.conf @@ -92,34 +92,13 @@ http { error_page 301 302 307 = @handle_redirect; } - location /internal/gfonts/css { - proxy_pass https://fonts.googleapis.com/css?$args; - proxy_hide_header Access-Control-Allow-Origin; - proxy_hide_header Cross-Origin-Resource-Policy; - proxy_hide_header Link; - proxy_hide_header Alt-Svc; - proxy_hide_header Cache-Control; - proxy_hide_header Expires; - - proxy_ignore_headers Set-Cookie Vary Cache-Control Expires; - - proxy_set_header User-Agent "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"; - proxy_set_header Host "fonts.googleapis.com"; - proxy_set_header Accept "*/*"; - - proxy_cache penpot; - - add_header Access-Control-Allow-Origin $http_origin; - add_header Cache-Control max-age=86400; - add_header X-Cache-Status $upstream_cache_status; - } - location /internal/assets { internal; alias /home/penpot/penpot/backend/assets; add_header x-internal-redirect "$upstream_http_x_accel_redirect"; } + # On production, this is controlled by ELB location /api/export { proxy_pass http://127.0.0.1:6061; } @@ -192,17 +171,48 @@ http { add_header X-Cache-Status $upstream_cache_status; } + location ~ ^/internal/gfonts/css { + proxy_pass https://fonts.googleapis.com/css?$args; + proxy_hide_header Access-Control-Allow-Origin; + proxy_hide_header Cross-Origin-Resource-Policy; + proxy_hide_header Link; + proxy_hide_header Alt-Svc; + proxy_hide_header Cache-Control; + proxy_hide_header Expires; + + proxy_ignore_headers Set-Cookie Vary Cache-Control Expires; + + proxy_set_header User-Agent "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"; + proxy_set_header Host "fonts.googleapis.com"; + proxy_set_header Accept "*/*"; + + proxy_cache penpot; + + add_header Access-Control-Allow-Origin $http_origin; + add_header Cache-Control max-age=86400; + add_header X-Cache-Status $upstream_cache_status; + } + + location ~ ^/js/config.js$ { + add_header Cache-Control "no-store, no-cache, max-age=0" always; + } + + location ~* \.(js|css|jpg|svg|png)$ { + # We set no cache only on devenv + add_header Cache-Control "no-store, no-cache, max-age=0" always; + # add_header Cache-Control "max-age=604800" always; # 7 days + } + location ~ ^/(/|css|fonts|images|js|wasm) { } - + location ~ ^/[^/]+/(.*)$ { return 301 " /404"; } add_header Last-Modified $date_gmt; - add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0'; + add_header Cache-Control "no-store, no-cache, max-age=0" always; if_modified_since off; - expires off; try_files $uri /index.html$is_args$args =404; } } diff --git a/docker/images/files/nginx.conf b/docker/images/files/nginx.conf index b7cccedc2..c9a9f4eed 100644 --- a/docker/images/files/nginx.conf +++ b/docker/images/files/nginx.conf @@ -66,10 +66,13 @@ http { etag off; + root /var/www/app/; + location @handle_redirect { set $redirect_uri "$upstream_http_location"; set $redirect_host "$upstream_http_x_host"; set $redirect_cache_control "$upstream_http_cache_control"; + set $real_mtype "$upstream_http_x_mtype"; proxy_buffering off; @@ -84,6 +87,7 @@ http { add_header x-internal-redirect "$redirect_uri"; add_header x-cache-control "$redirect_cache_control"; add_header cache-control "$redirect_cache_control"; + add_header content-type "$real_mtype"; } location /assets { @@ -93,28 +97,6 @@ http { error_page 301 302 307 = @handle_redirect; } - location /internal/gfonts/css { - proxy_pass https://fonts.googleapis.com/css?$args; - proxy_hide_header Access-Control-Allow-Origin; - proxy_hide_header Cross-Origin-Resource-Policy; - proxy_hide_header Link; - proxy_hide_header Alt-Svc; - proxy_hide_header Cache-Control; - proxy_hide_header Expires; - - proxy_ignore_headers Set-Cookie Vary Cache-Control Expires; - - proxy_set_header User-Agent "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"; - proxy_set_header Host "fonts.googleapis.com"; - proxy_set_header Accept "*/*"; - - proxy_cache penpot; - - add_header Access-Control-Allow-Origin $http_origin; - add_header Cache-Control max-age=86400; - add_header X-Cache-Status $upstream_cache_status; - } - location /internal/assets { internal; alias /opt/data/assets; @@ -129,6 +111,13 @@ http { proxy_pass $PENPOT_BACKEND_URI/api; } + location /readyz { + proxy_http_version 1.1; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass $PENPOT_BACKEND_URI$request_uri; + } + location /ws/notifications { proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; @@ -136,6 +125,16 @@ http { } location / { + location ~ ^/github/penpot-files/(?[a-zA-Z0-9\-\_\.]+) { + proxy_pass https://raw.githubusercontent.com/penpot/penpot-files/main/$template_file; + proxy_hide_header Access-Control-Allow-Origin; + proxy_set_header User-Agent "curl/7.74.0"; + proxy_set_header Host "raw.githubusercontent.com"; + proxy_set_header Accept "*/*"; + add_header Access-Control-Allow-Origin $http_origin; + proxy_buffering off; + } + location ~ ^/internal/gfonts/font/(?.+) { proxy_pass https://fonts.gstatic.com/s/$font_file; @@ -161,22 +160,46 @@ http { add_header X-Cache-Status $upstream_cache_status; } - location ~* \.(js|css).*$ { - add_header Cache-Control "max-age=86400" always; # 24 hours + location ~ ^/internal/gfonts/css { + proxy_pass https://fonts.googleapis.com/css?$args; + proxy_hide_header Access-Control-Allow-Origin; + proxy_hide_header Cross-Origin-Resource-Policy; + proxy_hide_header Link; + proxy_hide_header Alt-Svc; + proxy_hide_header Cache-Control; + proxy_hide_header Expires; + + proxy_ignore_headers Set-Cookie Vary Cache-Control Expires; + + proxy_set_header User-Agent "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"; + proxy_set_header Host "fonts.googleapis.com"; + proxy_set_header Accept "*/*"; + + proxy_cache penpot; + + add_header Access-Control-Allow-Origin $http_origin; + add_header Cache-Control max-age=86400; + add_header X-Cache-Status $upstream_cache_status; } - location ~* \.(html).*$ { - add_header Cache-Control "no-cache, max-age=0" always; + location ~ ^/js/config.js$ { + add_header Cache-Control "no-store, no-cache, max-age=0" always; } - + + location ~* \.(js|css|jpg|svg|png)$ { + add_header Cache-Control "max-age=604800" always; # 7 days + } + location ~ ^/(/|css|fonts|images|js|wasm) { } - + location ~ ^/[^/]+/(.*)$ { return 301 " /404"; } - root /var/www/app/; + add_header Last-Modified $date_gmt; + add_header Cache-Control "no-store, no-cache, max-age=0" always; + if_modified_since off; try_files $uri /index.html$is_args$args =404; } }