web: remove nginx config, add caching headers to g
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
c61442c121
commit
2498e72f5d
|
@ -4,16 +4,19 @@ import (
|
||||||
"net/http"
|
"net/http"
|
||||||
|
|
||||||
"goauthentik.io/internal/config"
|
"goauthentik.io/internal/config"
|
||||||
|
"goauthentik.io/internal/constants"
|
||||||
staticWeb "goauthentik.io/web"
|
staticWeb "goauthentik.io/web"
|
||||||
)
|
)
|
||||||
|
|
||||||
func (ws *WebServer) configureStatic() {
|
func (ws *WebServer) configureStatic() {
|
||||||
|
statRouter := ws.lh.NewRoute().Subrouter()
|
||||||
if config.G.Debug {
|
if config.G.Debug {
|
||||||
ws.log.Debug("Using local static files")
|
ws.log.Debug("Using local static files")
|
||||||
ws.lh.PathPrefix("/static/dist").Handler(http.StripPrefix("/static/dist", http.FileServer(http.Dir("./web/dist"))))
|
ws.lh.PathPrefix("/static/dist").Handler(http.StripPrefix("/static/dist", http.FileServer(http.Dir("./web/dist"))))
|
||||||
ws.lh.PathPrefix("/static/authentik").Handler(http.StripPrefix("/static/authentik", http.FileServer(http.Dir("./web/authentik"))))
|
ws.lh.PathPrefix("/static/authentik").Handler(http.StripPrefix("/static/authentik", http.FileServer(http.Dir("./web/authentik"))))
|
||||||
} else {
|
} else {
|
||||||
ws.log.Debug("Using packaged static files")
|
statRouter.Use(ws.staticHeaderMiddleware)
|
||||||
|
ws.log.Debug("Using packaged static files with aggressive caching")
|
||||||
ws.lh.PathPrefix("/static/dist").Handler(http.StripPrefix("/static", http.FileServer(http.FS(staticWeb.StaticDist))))
|
ws.lh.PathPrefix("/static/dist").Handler(http.StripPrefix("/static", http.FileServer(http.FS(staticWeb.StaticDist))))
|
||||||
ws.lh.PathPrefix("/static/authentik").Handler(http.StripPrefix("/static", http.FileServer(http.FS(staticWeb.StaticAuthentik))))
|
ws.lh.PathPrefix("/static/authentik").Handler(http.StripPrefix("/static", http.FileServer(http.FS(staticWeb.StaticAuthentik))))
|
||||||
}
|
}
|
||||||
|
@ -41,3 +44,12 @@ func (ws *WebServer) configureStatic() {
|
||||||
// Media files, always local
|
// Media files, always local
|
||||||
ws.lh.PathPrefix("/media").Handler(http.StripPrefix("/media", http.FileServer(http.Dir(config.G.Paths.Media))))
|
ws.lh.PathPrefix("/media").Handler(http.StripPrefix("/media", http.FileServer(http.Dir(config.G.Paths.Media))))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (ws *WebServer) staticHeaderMiddleware(h http.Handler) http.Handler {
|
||||||
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
w.Header().Set("Cache-Control", "\"public, no-transform\"")
|
||||||
|
w.Header().Set("X-authentik-version", constants.VERSION)
|
||||||
|
w.Header().Set("Vary", "X-authentik-version")
|
||||||
|
h.ServeHTTP(w, r)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
|
@ -1,98 +0,0 @@
|
||||||
worker_processes auto;
|
|
||||||
pid /tmp/nginx.pid;
|
|
||||||
include /etc/nginx/modules-enabled/*.conf;
|
|
||||||
error_log /dev/stdout;
|
|
||||||
user www-data;
|
|
||||||
|
|
||||||
events {
|
|
||||||
worker_connections 768;
|
|
||||||
# multi_accept on;
|
|
||||||
}
|
|
||||||
|
|
||||||
http {
|
|
||||||
|
|
||||||
##
|
|
||||||
# Basic Settings
|
|
||||||
##
|
|
||||||
|
|
||||||
sendfile on;
|
|
||||||
tcp_nopush on;
|
|
||||||
tcp_nodelay on;
|
|
||||||
keepalive_timeout 65;
|
|
||||||
types_hash_max_size 2048;
|
|
||||||
# server_tokens off;
|
|
||||||
|
|
||||||
# server_names_hash_bucket_size 64;
|
|
||||||
# server_name_in_redirect off;
|
|
||||||
|
|
||||||
include /etc/nginx/mime.types;
|
|
||||||
default_type application/octet-stream;
|
|
||||||
|
|
||||||
##
|
|
||||||
# SSL Settings
|
|
||||||
##
|
|
||||||
|
|
||||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
|
|
||||||
ssl_prefer_server_ciphers on;
|
|
||||||
|
|
||||||
##
|
|
||||||
# Logging Settings
|
|
||||||
##
|
|
||||||
log_format json_combined escape=json
|
|
||||||
'{'
|
|
||||||
'"timestamp":"$time_local",'
|
|
||||||
'"host":"$remote_addr",'
|
|
||||||
'"request_username":"$remote_user",'
|
|
||||||
'"event":"$request",'
|
|
||||||
'"status": "$status",'
|
|
||||||
'"size":"$body_bytes_sent",'
|
|
||||||
'"runtime":"$request_time",'
|
|
||||||
'"logger":"nginx",'
|
|
||||||
'"request_useragent":"$http_user_agent"'
|
|
||||||
'}';
|
|
||||||
access_log /dev/null json_combined;
|
|
||||||
|
|
||||||
##
|
|
||||||
# Gzip Settings
|
|
||||||
##
|
|
||||||
|
|
||||||
gzip on;
|
|
||||||
gzip_vary on;
|
|
||||||
gzip_proxied any;
|
|
||||||
gzip_comp_level 6;
|
|
||||||
gzip_buffers 16 8k;
|
|
||||||
gzip_http_version 1.1;
|
|
||||||
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
|
|
||||||
|
|
||||||
##
|
|
||||||
# Virtual Host Configs
|
|
||||||
##
|
|
||||||
|
|
||||||
server {
|
|
||||||
listen 80;
|
|
||||||
server_name _;
|
|
||||||
charset utf-8;
|
|
||||||
root /usr/share/nginx/html;
|
|
||||||
index index.html;
|
|
||||||
|
|
||||||
location / {
|
|
||||||
access_log /dev/stdout json_combined;
|
|
||||||
}
|
|
||||||
location /static/ {
|
|
||||||
expires 31d;
|
|
||||||
add_header Cache-Control "public, no-transform";
|
|
||||||
add_header X-authentik-version "2021.5.2";
|
|
||||||
add_header Vary X-authentik-version;
|
|
||||||
}
|
|
||||||
|
|
||||||
location /if/admin {
|
|
||||||
root /usr/share/nginx/html/static/dist;
|
|
||||||
try_files $uri /static/dist/if/admin/index.html;
|
|
||||||
}
|
|
||||||
location /if/flow {
|
|
||||||
root /usr/share/nginx/html/static/dist;
|
|
||||||
try_files $uri /static/dist/if/flow/index.html;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
|
@ -10,9 +10,8 @@
|
||||||
<link rel="stylesheet" type="text/css" href="/static/dist/empty-state.css">
|
<link rel="stylesheet" type="text/css" href="/static/dist/empty-state.css">
|
||||||
<link rel="stylesheet" type="text/css" href="/static/dist/spinner.css">
|
<link rel="stylesheet" type="text/css" href="/static/dist/spinner.css">
|
||||||
<link rel="stylesheet" type="text/css" href="/static/dist/authentik.css">
|
<link rel="stylesheet" type="text/css" href="/static/dist/authentik.css">
|
||||||
<script>ShadyDOM = { force: !navigator.webdriver };</script>
|
<script>ShadyDOM = { force: !navigator.webdriver }; window["polymerSkipLoadingFontRoboto"] = true;</script>
|
||||||
<script src="/static/dist/poly.js" type="module"></script>
|
<script src="/static/dist/poly.js" type="module"></script>
|
||||||
<script>window["polymerSkipLoadingFontRoboto"] = true;</script>
|
|
||||||
<script src="/static/dist/FlowInterface.js" type="module"></script>
|
<script src="/static/dist/FlowInterface.js" type="module"></script>
|
||||||
<title>authentik</title>
|
<title>authentik</title>
|
||||||
</head>
|
</head>
|
||||||
|
|
Reference in New Issue