trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

web: remove nginx config, add caching headers to g 

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-05-18 10:15:52 +02:00
parent 590c7f4c9d
commit c58fe18b97
3 changed files with 14 additions and 101 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
internal/web/web_static.go
View File

@ -4,16 +4,19 @@ import (
"net/http" "net/http"
"goauthentik.io/internal/config" "goauthentik.io/internal/config"
"goauthentik.io/internal/constants"
staticWeb "goauthentik.io/web" staticWeb "goauthentik.io/web"
) )
func (ws *WebServer) configureStatic() { func (ws *WebServer) configureStatic() {
statRouter := ws.lh.NewRoute().Subrouter()
if config.G.Debug { if config.G.Debug {
ws.log.Debug("Using local static files") ws.log.Debug("Using local static files")
ws.lh.PathPrefix("/static/dist").Handler(http.StripPrefix("/static/dist", http.FileServer(http.Dir("./web/dist")))) ws.lh.PathPrefix("/static/dist").Handler(http.StripPrefix("/static/dist", http.FileServer(http.Dir("./web/dist"))))
ws.lh.PathPrefix("/static/authentik").Handler(http.StripPrefix("/static/authentik", http.FileServer(http.Dir("./web/authentik")))) ws.lh.PathPrefix("/static/authentik").Handler(http.StripPrefix("/static/authentik", http.FileServer(http.Dir("./web/authentik"))))
} else { } else {
ws.log.Debug("Using packaged static files") statRouter.Use(ws.staticHeaderMiddleware)
ws.log.Debug("Using packaged static files with aggressive caching")
ws.lh.PathPrefix("/static/dist").Handler(http.StripPrefix("/static", http.FileServer(http.FS(staticWeb.StaticDist)))) ws.lh.PathPrefix("/static/dist").Handler(http.StripPrefix("/static", http.FileServer(http.FS(staticWeb.StaticDist))))
ws.lh.PathPrefix("/static/authentik").Handler(http.StripPrefix("/static", http.FileServer(http.FS(staticWeb.StaticAuthentik)))) ws.lh.PathPrefix("/static/authentik").Handler(http.StripPrefix("/static", http.FileServer(http.FS(staticWeb.StaticAuthentik))))
} }
@ -41,3 +44,12 @@ func (ws *WebServer) configureStatic() {
// Media files, always local // Media files, always local
ws.lh.PathPrefix("/media").Handler(http.StripPrefix("/media", http.FileServer(http.Dir(config.G.Paths.Media)))) ws.lh.PathPrefix("/media").Handler(http.StripPrefix("/media", http.FileServer(http.Dir(config.G.Paths.Media))))
} }
func (ws *WebServer) staticHeaderMiddleware(h http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Cache-Control", "\"public, no-transform\"")
w.Header().Set("X-authentik-version", constants.VERSION)
w.Header().Set("Vary", "X-authentik-version")
h.ServeHTTP(w, r)
})
}

98
web/nginx.conf
View File

@ -1,98 +0,0 @@
worker_processes auto;
pid /tmp/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
error_log /dev/stdout;
user www-data;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
log_format json_combined escape=json
'{'
'"timestamp":"$time_local",'
'"host":"$remote_addr",'
'"request_username":"$remote_user",'
'"event":"$request",'
'"status": "$status",'
'"size":"$body_bytes_sent",'
'"runtime":"$request_time",'
'"logger":"nginx",'
'"request_useragent":"$http_user_agent"'
'}';
access_log /dev/null json_combined;
##
# Gzip Settings
##
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
server {
listen 80;
server_name _;
charset utf-8;
root /usr/share/nginx/html;
index index.html;
location / {
access_log /dev/stdout json_combined;
}
location /static/ {
expires 31d;
add_header Cache-Control "public, no-transform";
add_header X-authentik-version "2021.5.2";
add_header Vary X-authentik-version;
}
location /if/admin {
root /usr/share/nginx/html/static/dist;
try_files $uri /static/dist/if/admin/index.html;
}
location /if/flow {
root /usr/share/nginx/html/static/dist;
try_files $uri /static/dist/if/flow/index.html;
}
}
}

3
web/src/interfaces/flow/index.html
View File

@ -10,9 +10,8 @@
<link rel="stylesheet" type="text/css" href="/static/dist/empty-state.css"> <link rel="stylesheet" type="text/css" href="/static/dist/empty-state.css">
<link rel="stylesheet" type="text/css" href="/static/dist/spinner.css"> <link rel="stylesheet" type="text/css" href="/static/dist/spinner.css">
<link rel="stylesheet" type="text/css" href="/static/dist/authentik.css"> <link rel="stylesheet" type="text/css" href="/static/dist/authentik.css">
<script>ShadyDOM = { force: !navigator.webdriver };</script> <script>ShadyDOM = { force: !navigator.webdriver }; window["polymerSkipLoadingFontRoboto"] = true;</script>
<script src="/static/dist/poly.js" type="module"></script> <script src="/static/dist/poly.js" type="module"></script>
<script>window["polymerSkipLoadingFontRoboto"] = true;</script>
<script src="/static/dist/FlowInterface.js" type="module"></script> <script src="/static/dist/FlowInterface.js" type="module"></script>
<title>authentik</title> <title>authentik</title>
</head> </head>