nginx.conf

server {
    listen 80;
    server_name dexarmarket.ru www.dexarmarket.ru;
    
    root /var/www/dexarmarket/browser;
    index index.html;
    
    # Angular routing - serve index.html for all routes
    location / {
        try_files $uri $uri/ /index.html =404;
    }

    # Static assets caching
    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
        expires 1y;
        add_header Cache-Control "public, immutable";
        try_files $uri =404;
    }
    
    # Don't cache index.html
    location = /index.html {
        add_header Cache-Control "no-cache, no-store, must-revalidate";
        add_header Pragma "no-cache";
        add_header Expires "0";
    }

    # Gzip compression
    gzip on;
    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 6;
    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml;
    gzip_min_length 1000;

    # Security headers
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-XSS-Protection "1; mode=block" always;
    add_header Referrer-Policy "strict-origin-when-cross-origin" always;
    add_header Permissions-Policy "camera=(), microphone=(), geolocation=()" always;
    add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https:; frame-src https://telegram.org;" always;
    
    # Brotli compression (if available)
    # brotli on;
    # brotli_comp_level 6;
    # brotli_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml;
}
very first commit 2026-01-18 18:57:06 +04:00			`server {`
			`listen 80;`
			`server_name dexarmarket.ru www.dexarmarket.ru;`

			`root /var/www/dexarmarket/browser;`
			`index index.html;`

			`# Angular routing - serve index.html for all routes`
			`location / {`
			`try_files $uri $uri/ /index.html =404;`
			`}`

			`# Static assets caching`
			`location ~* \.(js\|css\|png\|jpg\|jpeg\|gif\|ico\|svg\|woff\|woff2\|ttf\|eot)$ {`
			`expires 1y;`
			`add_header Cache-Control "public, immutable";`
			`try_files $uri =404;`
			`}`

			`# Don't cache index.html`
			`location = /index.html {`
			`add_header Cache-Control "no-cache, no-store, must-revalidate";`
			`add_header Pragma "no-cache";`
			`add_header Expires "0";`
			`}`

			`# Gzip compression`
			`gzip on;`
			`gzip_vary on;`
			`gzip_proxied any;`
			`gzip_comp_level 6;`
			`gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml;`
			`gzip_min_length 1000;`

			`# Security headers`
			`add_header X-Frame-Options "SAMEORIGIN" always;`
			`add_header X-Content-Type-Options "nosniff" always;`
			`add_header X-XSS-Protection "1; mode=block" always;`
changes 2026-03-06 18:40:58 +04:00			`add_header Referrer-Policy "strict-origin-when-cross-origin" always;`
			`add_header Permissions-Policy "camera=(), microphone=(), geolocation=()" always;`
			`add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://telegram.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: https:; connect-src 'self' https:; frame-src https://telegram.org;" always;`
very first commit 2026-01-18 18:57:06 +04:00
			`# Brotli compression (if available)`
			`# brotli on;`
			`# brotli_comp_level 6;`
			`# brotli_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml;`
			`}`