Blocking pict-rs import location

author Dessalines <tyhou13@gmx.com>

Fri, 12 Jun 2020 21:05:19 +0000 (17:05 -0400)

committer Dessalines <tyhou13@gmx.com>

Fri, 12 Jun 2020 21:05:19 +0000 (17:05 -0400)
author Dessalines <tyhou13@gmx.com>
Fri, 12 Jun 2020 21:05:19 +0000 (17:05 -0400)
committer Dessalines <tyhou13@gmx.com>
Fri, 12 Jun 2020 21:05:19 +0000 (17:05 -0400)
diff --git a/ansible/templates/nginx.conf b/ansible/templates/nginx.conf

index 68fa64fc5fa3ed45aababe913d2d24c6d85217cf..6a5990a70fcf63fb960c2ba8dd60af51358225bc 100644 (file)
--- a/ansible/templates/nginx.conf
+++ b/ansible/templates/nginx.conf
@@ -48,8 +48,8 @@ server {
      add_header X-Frame-Options "DENY";
      add_header X-XSS-Protection "1; mode=block";
  
-    # Upload limit for pictshare
-    client_max_body_size 50M;
+    # Upload limit for pictrs
+    client_max_body_size 20M;
  
      location / {
          proxy_pass http://0.0.0.0:8536;
@@ -70,12 +70,17 @@ server {
          proxy_cache_min_uses    5;
      }    
  
-    location /pictrs/ {
+    location /pictrs/image/ {
        proxy_pass http://0.0.0.0:8537/;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  
+      # Block the import
+      location /pictrs/import {
+        return 403;
+      }
+
        if ($request_uri ~ \.(?:ico|gif|jpe?g|png|webp|bmp|mp4)$) {
          add_header Cache-Control "public, max-age=31536000, immutable";
        }   
diff --git a/docker/dev/nginx.conf b/docker/dev/nginx.conf

deleted file mode 100644 (file)

index 3e4ff51..0000000
--- a/docker/dev/nginx.conf
+++ /dev/null
@@ -1,40 +0,0 @@
-events {
-    worker_connections 1024;
-}
-
-http {
-    server {
-        listen 8536;
-        server_name 127.0.0.1;
-        #access_log  off;
-
-        # Upload limit for pictshare
-        client_max_body_size 50M;
-
-        location / {
-            proxy_pass http://lemmy:8536;
-            proxy_set_header X-Real-IP $remote_addr;
-            proxy_set_header Host $host;
-            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-
-            # WebSocket support
-            proxy_http_version 1.1;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection "upgrade";
-        }
-
-        location /pictrs/ {
-            proxy_pass http://pictrs:8080/;
-            proxy_set_header X-Real-IP $remote_addr;
-            proxy_set_header Host $host;
-            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        }
-
-        location /iframely/ {
-            proxy_pass http://iframely:80/;
-            proxy_set_header X-Real-IP $remote_addr;
-            proxy_set_header Host $host;
-            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        }
-    }
-}
author	Dessalines <tyhou13@gmx.com>
	Fri, 12 Jun 2020 21:05:19 +0000 (17:05 -0400)
committer	Dessalines <tyhou13@gmx.com>
	Fri, 12 Jun 2020 21:05:19 +0000 (17:05 -0400)
ansible/templates/nginx.conf		patch \| blob \| history
docker/dev/nginx.conf	[deleted file]	patch \| blob \| history