jsproxy/www.conf

#
# 提供 www 目录的静态资源服务
#
include               mime.types;
sendfile              on;
charset               utf-8;

# 安装步骤多，节省的流量不多，暂时不开
# brotli_static         on;
# gzip_static           on;
gzip                  on;

log_not_found         off;
error_page            404 = /404.html;

location = /404.html {
  internal;
  root                ../www;

  # http 重定向到 https（忽略 localhost 或 IP 访问）
  access_by_lua_block {
    if ngx.var.scheme == 'https' then
      return
    end
    local host = ngx.var.host
    if host == 'localhost' then
      return
    end
    if ngx.re.match(host, [[^\d+\.\d+\.\d+\.\d+$]]) then
      return
    end
    local url = host .. ':8443' .. ngx.var.request_uri
    ngx.redirect('https://' .. url, 301)
  }

  # 永久重定向申请: https://hstspreload.org/
  more_set_headers
    'strict-transport-security: max-age=99999999; includeSubDomains; preload'
  ;
}

location / {
  access_log          logs/access.log log_www buffer=64k flush=1s;
  root                ../www;
  index               404.html;
}

# HTTPS 证书申请验证
location /.well-known/acme-challenge/ {
  access_log          logs/acme.log combined;
  root                ../acme;
}