From 7bee838bb07b8f6134879b2e32bf00870c859ebf Mon Sep 17 00:00:00 2001 From: Jeet Debnath Date: Fri, 24 Apr 2026 12:08:59 +0530 Subject: [PATCH] Update default.conf --- nginx/default.conf | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/nginx/default.conf b/nginx/default.conf index 4f155bd..951a849 100644 --- a/nginx/default.conf +++ b/nginx/default.conf @@ -26,6 +26,20 @@ server { root /usr/share/nginx/html; index index.html; + # Firebase Auth redirect handler — proxied through own domain so Safari ITP + # does not block storage access on firebaseapp.com (cross-site tracker). + # authDomain in firebase config must be set to this server's domain. + # MUST be before static asset caching rules so /__/auth/*.js isn't intercepted. + location ~ ^/__/ { + proxy_pass https://grateful-journal-491109.firebaseapp.com; + proxy_http_version 1.1; + proxy_ssl_server_name on; + proxy_set_header Host grateful-journal-491109.firebaseapp.com; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + } + # Cache hashed static assets (JS/CSS/fonts) for 1 year — Vite adds content hashes location ~* \.(js|css|woff|woff2|ttf|eot|otf)$ { expires 1y; @@ -40,19 +54,6 @@ server { try_files $uri =404; } - # Firebase Auth redirect handler — proxied through own domain so Safari ITP - # does not block storage access on firebaseapp.com (cross-site tracker). - # authDomain in firebase config must be set to this server's domain. - location ~ ^/__/ { - proxy_pass https://grateful-journal-491109.firebaseapp.com; - proxy_http_version 1.1; - proxy_ssl_server_name on; - proxy_set_header Host grateful-journal-491109.firebaseapp.com; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - } - location /api/ { client_max_body_size 5m; proxy_pass http://backend:8001/api/;