Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Create redundancy endpoint | Chocobozzz | 2018-12-04 | 1 | -2/+7 |
| | |||||
* | Add comments in nginx regarding blocks that can be safely removed | Chocobozzz | 2018-09-17 | 1 | -1/+3 |
| | |||||
* | Don't include `preload` flag in sample HSTS header | Felix Ableitner | 2018-09-11 | 1 | -1/+1 |
| | | | | | This goes against the recommendations (preloading should be opt-in). Putting it in the example makes it likely that people enable it without knowing what it means. https://hstspreload.org/?domain=peertube.social#opt-in | ||||
* | make HSTS opt-in and leave it to the reverse-proxy | Rigel Kent | 2018-09-09 | 1 | -1/+5 |
| | |||||
* | Only enable gzip for HTML/CSS/JS | Micah Elizabeth Scott | 2018-08-24 | 1 | -2/+4 |
| | | | | | No compression on JSON endpoints, in order to protect from potential compression+encryption data leak attacks (like BREACH) | ||||
* | Add gzip support to the sample nginx configuration | Micah Elizabeth Scott | 2018-08-24 | 1 | -0/+5 |
| | | | | | | | | | Without gzip explicitly enabled, load times suffer from transferring over a megabyte of plaintext javascript. With gzip enabled, the bundle is down to about 300K, and loads much faster. This change does not enable gzip on files that are already compressed, so images, fonts, and videos will be sent without the CPU overhead. | ||||
* | 404 on unknown thumbnail | Chocobozzz | 2018-07-24 | 1 | -7/+8 |
| | |||||
* | Add cors to static route in nginx template | Chocobozzz | 2018-07-24 | 1 | -0/+16 |
| | |||||
* | (nginx) remove headers now dealt with helmet | Rigel Kent | 2018-07-18 | 1 | -3/+0 |
| | |||||
* | Fix static avatars/thumbnails cache | Chocobozzz | 2018-07-17 | 1 | -1/+2 |
| | |||||
* | Increase upload limit to 8GB (test) | Chocobozzz | 2018-06-29 | 1 | -3/+3 |
| | |||||
* | Revert "Selective route permission to use embeds, fixes #322 in a better way ↵ | Chocobozzz | 2018-03-20 | 1 | -6/+0 |
| | | | | | (#364)" (#365) This reverts commit d40cd86bf56973d7217ad44737e3890b6e7f1ad5. | ||||
* | Selective route permission to use embeds, fixes #322 in a better way (#364) | Rigel Kent | 2018-03-20 | 1 | -0/+6 |
| | |||||
* | Remove X-Frame options in nginx config (#322) | Valvin | 2018-03-05 | 1 | -1/+0 |
| | | | `X-Frame-Options DENY;` doesn't permit sharing using iframe | ||||
* | Fix nginx configuration that do not work with import-videos script | Chocobozzz | 2018-03-01 | 1 | -1/+1 |
| | |||||
* | Try to improve production guide | Chocobozzz | 2018-02-16 | 1 | -8/+14 |
| | |||||
* | Precisions and security enhancements to the production guide (#287) | Rigel Kent | 2018-02-14 | 1 | -14/+37 |
| | | | | | | | | - added precisions and suggestions about how to generate Let's Encrypt certificates. Users have reported their installations didn't work when the problem came from missing certificates (false positives). - security defaults of Nginx follow the basic robustness principle "be conservative in what you send, be liberal in what you accept", which isn't enough with modern security standards, so we should be picky with the cipher suites we use, among other things. Extra comments (especially for the TLS1.3 protocol support parameter) make the requirement of a recent Nginx installation obvious, and the downgrade alternative remains clear to the system administrator. All in all, we should aknowledge users will most often copy and paste the configuration files. Making them secure by default may force a few users to read their configuration, but on the long run we are making the fediverse more secure. Since I've come to modify a bit the Nginx config in `support/doc/production.md`, I've merged it with the template so that they stay consistent. | ||||
* | Peertube home in /var/www instead of /home | Chocobozzz | 2018-01-23 | 1 | -3/+3 |
| | |||||
* | Don't serve previews with nginx | Chocobozzz | 2018-01-18 | 1 | -1/+1 |
| | | | | We need to maintain a cache in the node process | ||||
* | nginx optimizations | Chocobozzz | 2018-01-18 | 1 | -0/+21 |
| | |||||
* | Update production guide | Chocobozzz | 2018-01-15 | 1 | -2/+4 |
| | | | | | Use release that already contains build files. It requires a specific directories tree but I think it would be fine. | ||||
* | Remove unused webserver configuration | Chocobozzz | 2018-01-11 | 2 | -53/+5 |
| | | | | And update nginx configuration with a rate limit | ||||
* | change nginx config to fix deprecation of a old module (#175) | Fernandez, ReK2 | 2018-01-06 | 1 | -1/+1 |
| | |||||
* | Add ability to unfollow a server | Chocobozzz | 2017-11-27 | 2 | -0/+6 |
| | |||||
* | Fix nginx https template | Chocobozzz | 2017-10-19 | 1 | -1/+1 |
| | |||||
* | Increase client_max_body_size in NGinx template | Chocobozzz | 2017-10-17 | 2 | -2/+2 |
| | |||||
* | Add peertube https nginx template | Chocobozzz | 2016-11-25 | 1 | -0/+61 |
| | |||||
* | Update NGinx template (uploads -> videos) | Chocobozzz | 2016-10-26 | 1 | -1/+1 |
| | |||||
* | Update NGinx that bypass /static/webseed (better performances) | Chocobozzz | 2016-10-10 | 1 | -0/+21 |
| | |||||
* | Add nginx example file | Chocobozzz | 2016-06-03 | 1 | -0/+27 |