SysAdmin
c5e1fce271
- Added CORS headers for admin.dark.side domain - Added no-cache headers for PWA JavaScript files - Documented push notification configuration steps - Fixed split-tunnel VPN compatibility 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
65 lines
2.8 KiB
Plaintext
65 lines
2.8 KiB
Plaintext
# Nginx configuration for push notifications with dark.side domain
|
|
# This should be added to the nginx-proxy-manager custom configuration
|
|
# or applied to the nginx configuration serving admin.dark.side
|
|
|
|
# CORS headers for push notifications - allows any origin within dark.side domain
|
|
# This pattern allows the callbacks to work regardless of subdomain
|
|
location ~ ^/(api/push|service-worker\.js|manifest\.json|pwa\.js) {
|
|
# Set CORS headers for dark.side domains
|
|
set $cors_origin "";
|
|
if ($http_origin ~* (https?://.*\.dark\.side|https?://admin\.dark\.side)) {
|
|
set $cors_origin $http_origin;
|
|
}
|
|
|
|
# If no specific origin match, allow the dark.side domain generally
|
|
if ($cors_origin = "") {
|
|
set $cors_origin "https://admin.dark.side";
|
|
}
|
|
|
|
# Apply CORS headers
|
|
add_header 'Access-Control-Allow-Origin' $cors_origin always;
|
|
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE' always;
|
|
add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
|
|
add_header 'Access-Control-Allow-Credentials' 'true' always;
|
|
add_header 'Access-Control-Max-Age' '3600' always;
|
|
|
|
# Handle preflight OPTIONS requests
|
|
if ($request_method = 'OPTIONS') {
|
|
add_header 'Access-Control-Allow-Origin' $cors_origin always;
|
|
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE' always;
|
|
add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, X-Requested-With' always;
|
|
add_header 'Access-Control-Allow-Credentials' 'true' always;
|
|
add_header 'Access-Control-Max-Age' '3600' always;
|
|
add_header 'Content-Length' '0';
|
|
add_header 'Content-Type' 'text/plain charset=UTF-8';
|
|
return 204;
|
|
}
|
|
|
|
# Proxy to the backend
|
|
proxy_pass http://localhost:5100;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection 'upgrade';
|
|
proxy_set_header Host $host;
|
|
proxy_cache_bypass $http_upgrade;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_buffering off;
|
|
}
|
|
|
|
# Additional location for the admin area with CORS support
|
|
location /Admin {
|
|
# Basic CORS for admin area
|
|
add_header 'Access-Control-Allow-Origin' 'https://admin.dark.side' always;
|
|
add_header 'Access-Control-Allow-Credentials' 'true' always;
|
|
|
|
proxy_pass http://localhost:5100/Admin;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Forwarded-Host $host;
|
|
proxy_set_header X-Forwarded-Port $server_port;
|
|
} |