openclaw/oikos
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6cdef0102c52bec7c8c665c894036e8898ab0cde
oikos/nginx.conf.example
T
ulsklyc d49cbe33b3 feat: Phase 1 — Projektstruktur, DB-Schema, Auth-System 
- Vollständige Verzeichnisstruktur gemäß CLAUDE.md
- Express-Server mit Helmet, Sessions, Rate Limiting, SPA-Fallback
- SQLite-Schema (Migration v1): 10 Tabellen, updated_at-Triggers, Indizes
- Versioniertes Migrations-System (schema_migrations)
- Auth-Routen: Login, Logout, /me, Admin-User-CRUD
- Frontend App-Shell: SPA-Router, API-Client, Design-System (CSS Tokens)
- PWA: Service Worker, Web App Manifest
- Setup-Script für ersten Admin-User (node setup.js)
- DB-Tests mit node:sqlite built-in: 29/29 bestanden
- Docker Compose + Dockerfile + Nginx-Beispielkonfiguration

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-24 14:32:36 +01:00

49 lines
1.6 KiB
Plaintext
Raw Blame History

# Nginx Reverse Proxy Konfiguration für Oikos
# Für Nginx Proxy Manager: Diese Datei als Vorlage für "Advanced"-Konfiguration nutzen.
# Ersetze "deine-domain.de" mit deiner tatsächlichen Domain.
server {
listen 80;
server_name deine-domain.de;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
server_name deine-domain.de;
# SSL (von Nginx Proxy Manager automatisch verwaltet, oder manuell):
# ssl_certificate /etc/letsencrypt/live/deine-domain.de/fullchain.pem;
# ssl_certificate_key /etc/letsencrypt/live/deine-domain.de/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;
# Security Headers
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
# Proxy zu Oikos
location / {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_cache_bypass $http_upgrade;
}
# Statische Assets cachen
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff2)$ {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
expires 7d;
add_header Cache-Control "public, immutable";
}
}
Reference in New Issue View Git Blame Copy Permalink