# PDF TEI Editor demo configuration for pdf-tei-editor.example.com server { server_name pdf-tei-editor.example.com; # API endpoints - must not be cached by nginx (fixes #114) # This location must come BEFORE the general location / block location /api/ { proxy_pass http://127.0.0.1:8010; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $host; # Disable nginx caching - respect backend Cache-Control headers proxy_cache off; proxy_buffering off; proxy_no_cache 1; proxy_cache_bypass 1; # Ensure Cache-Control headers from backend are passed through proxy_pass_header Cache-Control; proxy_pass_header Pragma; proxy_pass_header Expires; # Reinforce cache headers at proxy level add_header Cache-Control "no-cache, no-store, must-revalidate" always; add_header Pragma "no-cache" always; add_header Expires "0" always; } # Special handling for Server-Sent Events location /sse/ { proxy_pass http://127.0.0.1:8010; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $host; proxy_buffering off; proxy_cache off; proxy_read_timeout 300; proxy_connect_timeout 75; } # General proxy for all other requests location / { proxy_pass http://127.0.0.1:8010; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $host; proxy_redirect off; } # Allow uploads up to 100MB (adjust as needed) client_max_body_size 100M; # increase timeouts for large uploads proxy_read_timeout 300s; proxy_connect_timeout 300s; proxy_send_timeout 300s; listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/pdf-tei-editor.example.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/pdf-tei-editor.example.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = pdf-tei-editor.example.com) { return 301 https://$host$request_uri; } # managed by Certbot server_name pdf-tei-editor.example.com; listen 80; return 404; # managed by Certbot }