mempool/production/nginx/server-common.conf

# angular builds to index.html
index index.html;

# tor onion redirect
add_header Onion-Location http://$onion.onion$request_uri;

# HSTS preload enable
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";

# generate frame configuration from origin header
if ($frameOptions = '')
{
	set $frameOptions "DENY";
	set $contentSecurityPolicy "frame-ancestors 'none'";
}

# used for iframes on https://mempool.space/network
if ($http_referer ~ ^https://mempool.space/)
{
	set $frameOptions "ALLOW-FROM https://mempool.space";
	set $contentSecurityPolicy "frame-ancestors https://mempool.space";
}
# used for iframes on https://mempool.ninja/network
if ($http_referer ~ ^https://mempool.ninja/)
{
	set $frameOptions "ALLOW-FROM https://mempool.ninja";
	set $contentSecurityPolicy "frame-ancestors https://mempool.ninja";
}
# used for iframes on https://wiz.biz/bitcoin/nodes
if ($http_referer ~ ^https://wiz.biz/)
{
	set $frameOptions "ALLOW-FROM https://wiz.biz";
	set $contentSecurityPolicy "frame-ancestors https://wiz.biz";
}

# restrict usage of frames
add_header X-Frame-Options $frameOptions;
add_header Content-Security-Policy $contentSecurityPolicy;

# enable browser and proxy caching
add_header Pragma "public";
add_header Cache-Control "public";

# vary cache if user changes language preference
add_header Vary Accept-Language;
add_header Vary Cookie;

# see order of nginx location rules
# https://stackoverflow.com/questions/5238377/nginx-location-priority

# for exact / requests, redirect based on $lang
# cache redirect for 5 minutes
location = / {
	if ($unfurlprefix != '') {
		rewrite ^(.*)$ $unfurlprefix$1 last;
	}
	if ($lang != '') {
		return 302 $scheme://$host/$lang/;
	}
	try_files /en-US/index.html =404;
	expires 5m;
}

# cache /<lang>/main.f40e91d908a068a2.js forever since they never change
location ~ ^/([a-z][a-z])/(.+\..+\.(js|css))$ {
	try_files $uri =404;
	expires 1y;
}
# cache everything else for 5 minutes
location ~ ^/([a-z][a-z])$ {
	if ($unfurlprefix != '') {
		rewrite ^(.*)$ $unfurlprefix$1 last;
	}
	try_files $uri /$1/index.html /en-US/index.html =404;
	expires 5m;
}
location ~ ^/([a-z][a-z])/ {
	if ($unfurlprefix != '') {
		rewrite ^(.*)$ $unfurlprefix$1 last;
	}
	try_files $uri /$1/index.html /en-US/index.html =404;
	expires 5m;
}

# cache /resources/** for 1 week since they don't change often
location /resources {
	try_files $uri /en-US/index.html;
	expires 1w;
}

# only cache /resources/config.* for 5 minutes since it changes often
location /resources/config. {
	try_files $uri =404;
	expires 5m;
}
# only cache /resources/customize.* for 5 minutes since it changes often
location /resources/customize. {
	try_files $uri =404;
	expires 5m;
}

# cache /main.f40e91d908a068a2.js forever since they never change
location ~* ^/.+\..+\.(js|css)$ {
	try_files /$lang/$uri /en-US/$uri =404;
	expires 1y;
}

# old stuff is gone
location /explorer/ {
	return 410;
}
location /sitemap/ {
	return 410;
}

# unfurl preview
location /preview {
	try_files /$lang/$uri $uri /en-US/$uri /en-US/index.html =404;
	expires 10m;
}
# unfurl renderer
location ^~ /render {
	try_files /dev/null @mempool-space-unfurler;
}
# unfurl handler
location /unfurl/ {
	try_files /dev/null @mempool-space-unfurler;
}
location /slurp/ {
	try_files /dev/null @mempool-space-slurper;
}

# catch-all for all URLs i.e. /address/foo /tx/foo /block/000
# cache 5 minutes since they change frequently
location / {
	if ($unfurlprefix != '') {
		rewrite ^(.*)$ $unfurlprefix$1 last;
	}
	try_files /$lang/$uri $uri /en-US/$uri /en-US/index.html =404;
	expires 5m;
}

location @mempool-space-unfurler {
	proxy_pass $mempoolSpaceUnfurler;

	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;

	proxy_cache_background_update on;
	proxy_cache_use_stale updating;
	proxy_cache unfurler;
	proxy_cache_valid 200 1h; # will re-render page if older than this
	proxy_redirect off;

	expires 1d;
}

location @mempool-space-slurper {
	proxy_pass $mempoolSpaceUnfurler;

	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto $scheme;

	proxy_cache_background_update on;
	proxy_cache_use_stale updating;
	proxy_cache slurper;
	proxy_cache_valid 200 1h; # will re-render page if older than this
	proxy_redirect off;

	expires 10d;
}