Update xtexx.eu.org

- xtexx.eu.org is moving from Vercel to exopages for better experience and extensible (e.g. CSP) The refactor is also in progress. The source code can be found at https://codeberg.org/xtex/home.git The server is deployed with podman with a low memory limitation. btw, cache-handler sucks. - blog.xtexx.eu.org is now handled by the same caddy instance for xtexx.eu.org. The main reason is that, there will be more and more complex rules in the future. And I will implement more RFCs (e.g. RFC6415) for this domain.
2023-09-02 19:36:46 +08:00 · 2023-09-02 19:36:46 +08:00 · 62870b2f0a
commit 62870b2f0a
parent 27d2e328ed
1 changed files with 27 additions and 21 deletions
--- a/xtex.conf
+++ b/xtex.conf
@ -1,3 +1,25 @@
+server {
+    listen 443 ssl;
+    listen [::]:443 ssl;
+    server_name xtexx.eu.org;
+
+    ssl_certificate /etc/letsencrypt/live/xtexx.eu.org/fullchain.pem;
+    ssl_certificate_key /etc/letsencrypt/live/xtexx.eu.org/privkey.pem;
+
+    add_header Server exozyme;
+
+    proxy_pass http://unix:/home/xtex/home/server.sock;
+    proxy_set_header Host $host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+
+    # Proxy WebSockets
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "Upgrade";
+}
+
 server {
    listen 443 ssl;
    listen [::]:443 ssl;
@ -6,27 +28,11 @@ server {
    ssl_certificate /etc/letsencrypt/live/blog.xtexx.eu.org/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/blog.xtexx.eu.org/privkey.pem;

-    root /srv/http/pages/xtex;
-    index index.html;
-    error_page 502 404 /404.html;
-
    add_header Server exozyme;
-    add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
-    add_header Access-Control-Allow-Origin *;

-    location / {
-        try_files $uri $uri.html $uri/ =404;
-    }
-
-    location ~* .(eot|otf|woff|ttf|css|js)$ {
-        add_header Cache-Control max-age=1800;
-    }
-
-    location ~* .(svg|jpg|jpeg|gif|png|ico|bmp|webp)$ {
-        add_header Cache-Control stale-while-revalidate=604800;
-    }
-
-    location ~* .xml$ {
-        add_header Cache-Control no-cache;
-    }
+    proxy_pass http://unix:/home/xtex/home/blog.sock;
+    proxy_set_header Host $host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
 }