From 270e404b1fbb3faa284f633d2628bd9b500550cb Mon Sep 17 00:00:00 2001 From: guozhen Date: Sat, 15 Feb 2025 19:44:57 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E6=94=B9nginx=E9=85=8D?= =?UTF-8?q?=E7=BD=AE=E6=96=87=E4=BB=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Dockerfile | 5 ++++- deploy/nginx.conf | 28 +++++++++++++++++++++------- static/error.html | 44 ++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 69 insertions(+), 8 deletions(-) create mode 100644 static/error.html diff --git a/Dockerfile b/Dockerfile index fb9a9f735..c835506c0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM swr.cn-north-4.myhuaweicloud.com/opensourceway/openeuler/nginx-hugo:1.24.0-22.03-lts-sp1-0.121.1 +FROM swr.cn-north-4.myhuaweicloud.com/opensourceway/openeuler/nginx-hugo:latest RUN git config --global http.postBuffer 1048576000 && \ git config --global https.postBuffer 1048576000 @@ -9,6 +9,9 @@ COPY ./deploy/nginx.conf /etc/nginx/nginx.conf COPY ./sitemap/sitemap-en.xml ./sitemap/sitemap-zh.xml /usr/share/nginx/html/ COPY ./sitemap/51e990e4796e419eb4a6e0c35efbb50f.txt /usr/share/nginx/html/ +RUN yum update -y \ + && yum install -y pcre-devel + RUN cd /src/ && \ git clone https://gitee.com/opengauss/docs --depth=1 latest/docs && \ mkdir -p /src/website/content/zh/docs/latest && \ diff --git a/deploy/nginx.conf b/deploy/nginx.conf index 056bfbf4c..0784b9496 100644 --- a/deploy/nginx.conf +++ b/deploy/nginx.conf @@ -11,7 +11,6 @@ events { worker_connections 4096; } - http { include /etc/nginx/mime.types; @@ -66,21 +65,36 @@ http { server_name localhost; charset utf-8; limit_conn perserver 50; - if ($request_method = 'OPTIONS') { - return 401; + # if ($request_method = 'OPTIONS') { + # return 401; + # } + if ($request_method !~ ^(GET|POST)$) { + return 444; } - + add_header X-XSS-Protection "1; mode=block"; + add_header X-Frame-Options DENY; + add_header X-Content-Type-Options nosniff; + add_header Content-Security-Policy "script-src 'self'; object-src 'none'; frame-src 'none'"; + add_header Cache-Control "no-cache,no-store,must-revalidate"; + add_header Pragma no-cache; + add_header Expires 0; + location / { - root /usr/share/nginx/html; - index index.html index.htm; + root /usr/share/nginx/html; + index index.html index.htm; } - error_page 404 /zh/404.html; + error_page 401 402 403 404 405 406 407 413 414 /zh/404.html; + error_page 500 501 502 503 504 505 /error.html; location = /zh/404.html { root /usr/share/nginx/html; } + location = /error.html { + root /usr/share/nginx/html; + } + location /api-search/ { proxy_pass https://doc-search-opengauss.osinfra.cn/; } diff --git a/static/error.html b/static/error.html new file mode 100644 index 000000000..d3ad95409 --- /dev/null +++ b/static/error.html @@ -0,0 +1,44 @@ + + + + + + + + openEuler + + + + +
+ +

Error

+
+ + + \ No newline at end of file -- Gitee