gzip on; gzip_vary on; gzip_proxied any; gzip_comp_level 6; gzip_min_length 256; gzip_types text/plain text/css text/xml text/javascript application/javascript application/x-javascript application/json application/xml application/rss+xml application/atom+xml image/svg+xml font/truetype font/opentype application/vnd.ms-fontobject; server { listen 80; server_name _; root /usr/share/nginx/html; index index.html; # Cache hashed static assets (JS/CSS/fonts) for 1 year — Vite adds content hashes location ~* \.(js|css|woff|woff2|ttf|eot|otf)$ { expires 1y; add_header Cache-Control "public, max-age=31536000, immutable"; try_files $uri =404; } # Cache images for 30 days location ~* \.(png|jpg|jpeg|gif|ico|svg|webp|avif)$ { expires 30d; add_header Cache-Control "public, max-age=2592000"; try_files $uri =404; } location /api/ { client_max_body_size 5m; proxy_pass http://backend:8001/api/; proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } location /health { proxy_pass http://backend:8001/health; proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } # Homepage location = / { try_files /index.html =404; } # Pre-rendered public pages — each gets its own HTML with correct meta tags location ~ ^/about(/|$) { try_files /about.html =404; } location ~ ^/privacy(/|$) { try_files /privacy.html =404; } location ~ ^/termsofservice(/|$) { try_files /termsofservice.html =404; } # Protected SPA routes — serve index.html (React handles auth redirect) location ~ ^/(write|history|settings)(/|$) { try_files /index.html =404; } # Static assets — serve directly, 404 if missing location / { try_files $uri $uri/ =404; } }