# Example config *fragment* for quad-image. This must be placed in a server block.

# commitment to self-hosting:
add_header Content-Security-Policy "default-src 'unsafe-inline' 'self';" always;

# standard promise to act like a normal modern webapp:
add_header Referrer-Policy "no-referrer-when-downgrade" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;

location /api/ {
    proxy_pass http://127.0.0.1:6699;
    proxy_set_header Host            $host;
    proxy_set_header X-Forwarded-For $remote_addr;

    client_max_body_size 9m;
}

location / {
    root /opt/quad-image/web/;
    try_files $uri $uri/index.html =404;
}

location /e {
    root /opt/quad-image/;
    expires 30d;
    try_files $uri =404;
}

location = /e {
    return 302 /;
}