Certificates Renewal + SSE

- Certificate renewal is just a re-request as it's forced already - Rejig the routes for readability - Added Server Side Events so that the UI would invalidate the cache when changes happen on the backend, such as certs being provided or failing - Added a SSE Token, which has the same shelf life as normal token but can't be used interchangeably. The reason for this is, the SSE endpoint needs a token for auth as a Query param, so it would be stored in log files. If someone where to get a hold of that, it's pretty useless as it can't be used to change anything, only to listen for events until it expires - Added test endpoint for SSE testing only availabe in debug mode
2025-06-18 10:06:26 +00:00 · 2023-03-07 16:42:26 +10:00
parent 35550082bf
commit 215083f6cf
29 changed files with 665 additions and 197 deletions
--- a/docker/rootfs/etc/nginx/conf.d/dev.conf
+++ b/docker/rootfs/etc/nginx/conf.d/dev.conf
@ -7,12 +7,18 @@ server {
 	}

 	location /api/ {
-		add_header            X-Served-By $host;
-		proxy_set_header Host $host;
-		proxy_set_header      X-Forwarded-Scheme $scheme;
-		proxy_set_header      X-Forwarded-Proto  $scheme;
-		proxy_set_header      X-Forwarded-For    $remote_addr;
-		proxy_pass            http://127.0.0.1:3000/api/;
+		add_header                X-Served-By $host;
+		chunked_transfer_encoding off;
+		proxy_buffering           off;
+		proxy_cache               off;
+		proxy_http_version        1.1;
+		proxy_set_header          Host $host;
+		proxy_set_header          Connection '';
+		proxy_set_header          X-Forwarded-Scheme $scheme;
+		proxy_set_header          X-Forwarded-Proto  $scheme;
+		proxy_set_header          X-Forwarded-For    $remote_addr;
+		proxy_set_header          X-Accel-Buffering  no;
+		proxy_pass                http://127.0.0.1:3000/api/;
 	}

 	location ~ .html {
--- a/docker/rootfs/etc/nginx/conf.d/production.conf
+++ b/docker/rootfs/etc/nginx/conf.d/production.conf
@ -4,11 +4,17 @@ server {
 	server_name nginxproxymanager;

 	location / {
-		add_header            X-Served-By $host;
-		proxy_set_header Host $host;
-		proxy_set_header      X-Forwarded-Scheme $scheme;
-		proxy_set_header      X-Forwarded-Proto  $scheme;
-		proxy_set_header      X-Forwarded-For    $remote_addr;
-		proxy_pass            http://localhost:3000/;
+		add_header                X-Served-By $host;
+		chunked_transfer_encoding off;
+		proxy_buffering           off;
+		proxy_cache               off;
+		proxy_http_version        1.1;
+		proxy_set_header Host     $host;
+		proxy_set_header          Connection '';
+		proxy_set_header          X-Forwarded-Scheme $scheme;
+		proxy_set_header          X-Forwarded-Proto  $scheme;
+		proxy_set_header          X-Forwarded-For    $remote_addr;
+		proxy_set_header          X-Accel-Buffering  no;
+		proxy_pass                http://localhost:3000/;
 	}
 }