upagge/digital-garden
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4d1d8a4558
digital-garden/notes/Настройки noteshare для Obsidian.md

161 lines
4.6 KiB
Markdown
Raw Normal View History

init commit
2024-06-13 21:01:37 +03:00
---
tags:
- зрелость/🌱
date: "2023-09-04"
linked:
---
Этот сервер позволяет
```yaml
noteshare-migrate:
    image: upagge/noteshare-migrations:latest
    networks:
      note-share:
    volumes:
      - ./noteshare/database:/database/
    environment:
      - DATABASE_URL=file:/database/db.sqlite
# Backend server for managing saved notes 
  noteshare-backend:
    image: upagge/noteshare-backend:latest
    restart: always
    hostname: noteshare-backend
    container_name: noteshare-backend
    networks:
      note-share:
    volumes:
      - ./noteshare/database:/database/
    environment:
      - DATABASE_URL=file:/database/db.sqlite
      - FRONTEND_URL=https://notes.struchkov.dev
      - CLEANUP_INTERVAL_SECONDS=600
      - NODE_ENV=production
      # Rate limit for uploading notes
      - POST_LIMIT_WINDOW_SECONDS=86400
      - POST_LIMIT=50
      # Rate limit for downloading notes
      - GET_LIMIT_WINDOW_SECONDS=60
      - GET_LIMIT=20
    depends_on:
      - noteshare-migrate
  noteshare-frontend:
    image: upagge/noteshare-frontend:latest
    restart: always
    hostname: noteshare-frontend
    container_name: noteshare-frontend
    networks:
      note-share:
    environment:
      - NODE_ENV=production
    depends_on:
      - noteshare-backend
```
```nginx
server {
listen 80;
listen [::]:80;
server_name notes.struchkov.dev;
location ~ /.well-known/acme-challenge {
allow all;
root /temp;
}
location / {
return 301 https://notes.struchkov.dev$request_uri;
}
}
#server {
# server_name www.struchkov.dev;
# return 301 $scheme://struchkov.dev$request_uri;
#}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name notes.struchkov.dev;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header Referrer-Policy "no-referrer";
add_header Permissions-Policy "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()";
add_header X-Content-Type-Options "nosniff";
add_header X-Frame-Options "sameorigin";
add_header X-Xss-Protection "1; mode=block";
proxy_hide_header X-Powered-By;
ssl_certificate /etc/letsencrypt/live/struchkov.dev/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/struchkov.dev/privkey.pem;
ssl_buffer_size 4k;
ssl_dhparam /etc/nginx/ssl/dhparam-notes.pem;
ssl_protocols SSLv3 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_ecdh_curve secp384r1;
ssl_stapling on;
ssl_stapling_verify on;
ssl_session_cache shared:SSL:5m;
ssl_session_timeout 24h;
ssl_session_tickets off;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_cache nginxcash;
proxy_cache_valid 1d;
proxy_cache_valid 404 1h;
proxy_cache_revalidate on;
proxy_buffering on;
proxy_cache_background_update on;
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
proxy_cache_min_uses 2;
client_body_buffer_size 128k;
proxy_pass http://noteshare-frontend:3000;
}
location = /api/note {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_cache nginxcash;
proxy_cache_valid 1d;
proxy_cache_valid 404 1h;
proxy_cache_revalidate on;
proxy_buffering on;
proxy_cache_background_update on;
proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
proxy_cache_min_uses 2;
client_body_buffer_size 128k;
limit_except GET POST DELETE {
deny all;
}
proxy_pass http://noteshare-backend:8080/api/note;
}
}
```
Reference in New Issue Copy Permalink