hot fixes to utc-6

This commit is contained in:
Dorian
2026-03-12 12:56:59 +00:00
parent 6fee6befed
commit f05198ea09
26 changed files with 1123 additions and 76 deletions

View File

@@ -20,6 +20,7 @@ server {
alias /opt/archipelago/web-ui/aiui/;
index index.html;
try_files $uri $uri/ =404;
add_header Cache-Control "no-cache, no-store, must-revalidate";
}
# AIUI Claude API proxy — requires valid session cookie
@@ -411,6 +412,7 @@ server {
proxy_pass https://botfights.net/;
proxy_http_version 1.1;
proxy_set_header Host botfights.net;
proxy_set_header Accept-Encoding "";
proxy_ssl_server_name on;
proxy_hide_header X-Frame-Options;
proxy_hide_header Content-Security-Policy;
@@ -418,24 +420,50 @@ server {
proxy_hide_header Cross-Origin-Opener-Policy;
proxy_hide_header Cross-Origin-Resource-Policy;
add_header X-Content-Type-Options "nosniff" always;
sub_filter_once off;
sub_filter_types text/css application/javascript;
sub_filter 'href="/' 'href="/ext/botfights/';
sub_filter 'src="/' 'src="/ext/botfights/';
sub_filter 'action="/' 'action="/ext/botfights/';
sub_filter "href='/" "href='/ext/botfights/";
sub_filter "src='/" "src='/ext/botfights/";
sub_filter '</head>' '<script src="/nostr-provider.js"></script></head>';
}
location /ext/484-kitchen/ {
proxy_pass https://484.kitchen/;
proxy_http_version 1.1;
proxy_set_header Host 484.kitchen;
proxy_set_header Accept-Encoding "";
proxy_ssl_server_name on;
proxy_hide_header X-Frame-Options;
proxy_hide_header Content-Security-Policy;
add_header X-Content-Type-Options "nosniff" always;
sub_filter_once off;
sub_filter_types text/css application/javascript;
sub_filter 'href="/' 'href="/ext/484-kitchen/';
sub_filter 'src="/' 'src="/ext/484-kitchen/';
sub_filter 'action="/' 'action="/ext/484-kitchen/';
sub_filter "href='/" "href='/ext/484-kitchen/";
sub_filter "src='/" "src='/ext/484-kitchen/";
sub_filter '</head>' '<script src="/nostr-provider.js"></script></head>';
}
location /ext/arch-presentation/ {
proxy_pass https://present.l484.com/;
proxy_http_version 1.1;
proxy_set_header Host present.l484.com;
proxy_set_header Accept-Encoding "";
proxy_ssl_server_name on;
proxy_hide_header X-Frame-Options;
proxy_hide_header Content-Security-Policy;
add_header X-Content-Type-Options "nosniff" always;
sub_filter_once off;
sub_filter_types text/css application/javascript;
sub_filter 'href="/' 'href="/ext/arch-presentation/';
sub_filter 'src="/' 'src="/ext/arch-presentation/';
sub_filter 'action="/' 'action="/ext/arch-presentation/';
sub_filter "href='/" "href='/ext/arch-presentation/";
sub_filter "src='/" "src='/ext/arch-presentation/";
sub_filter '</head>' '<script src="/nostr-provider.js"></script></head>';
}
# Proxy WebSocket
@@ -477,6 +505,7 @@ server {
alias /opt/archipelago/web-ui/aiui/;
index index.html;
try_files $uri $uri/ =404;
add_header Cache-Control "no-cache, no-store, must-revalidate";
}
location /aiui/api/claude/ {
if ($cookie_session = "") {
@@ -642,6 +671,7 @@ server {
proxy_pass https://botfights.net/;
proxy_http_version 1.1;
proxy_set_header Host botfights.net;
proxy_set_header Accept-Encoding "";
proxy_ssl_server_name on;
proxy_hide_header X-Frame-Options;
proxy_hide_header Content-Security-Policy;
@@ -649,24 +679,50 @@ server {
proxy_hide_header Cross-Origin-Opener-Policy;
proxy_hide_header Cross-Origin-Resource-Policy;
add_header X-Content-Type-Options "nosniff" always;
sub_filter_once off;
sub_filter_types text/css application/javascript;
sub_filter 'href="/' 'href="/ext/botfights/';
sub_filter 'src="/' 'src="/ext/botfights/';
sub_filter 'action="/' 'action="/ext/botfights/';
sub_filter "href='/" "href='/ext/botfights/";
sub_filter "src='/" "src='/ext/botfights/";
sub_filter '</head>' '<script src="/nostr-provider.js"></script></head>';
}
location /ext/484-kitchen/ {
proxy_pass https://484.kitchen/;
proxy_http_version 1.1;
proxy_set_header Host 484.kitchen;
proxy_set_header Accept-Encoding "";
proxy_ssl_server_name on;
proxy_hide_header X-Frame-Options;
proxy_hide_header Content-Security-Policy;
add_header X-Content-Type-Options "nosniff" always;
sub_filter_once off;
sub_filter_types text/css application/javascript;
sub_filter 'href="/' 'href="/ext/484-kitchen/';
sub_filter 'src="/' 'src="/ext/484-kitchen/';
sub_filter 'action="/' 'action="/ext/484-kitchen/';
sub_filter "href='/" "href='/ext/484-kitchen/";
sub_filter "src='/" "src='/ext/484-kitchen/";
sub_filter '</head>' '<script src="/nostr-provider.js"></script></head>';
}
location /ext/arch-presentation/ {
proxy_pass https://present.l484.com/;
proxy_http_version 1.1;
proxy_set_header Host present.l484.com;
proxy_set_header Accept-Encoding "";
proxy_ssl_server_name on;
proxy_hide_header X-Frame-Options;
proxy_hide_header Content-Security-Policy;
add_header X-Content-Type-Options "nosniff" always;
sub_filter_once off;
sub_filter_types text/css application/javascript;
sub_filter 'href="/' 'href="/ext/arch-presentation/';
sub_filter 'src="/' 'src="/ext/arch-presentation/';
sub_filter 'action="/' 'action="/ext/arch-presentation/';
sub_filter "href='/" "href='/ext/arch-presentation/";
sub_filter "src='/" "src='/ext/arch-presentation/";
sub_filter '</head>' '<script src="/nostr-provider.js"></script></head>';
}
location /ws {
@@ -679,3 +735,67 @@ server {
}
}
# External site reverse proxies — each on its own port so SPAs work at root.
# Strips X-Frame-Options to allow iframe embedding from Archipelago UI.
# Injects NIP-07 nostr-provider.js for Nostr login integration.
server {
listen 8901;
server_name _;
location / {
proxy_pass https://botfights.net;
proxy_http_version 1.1;
proxy_set_header Host botfights.net;
proxy_set_header Accept-Encoding "";
proxy_ssl_server_name on;
proxy_hide_header X-Frame-Options;
proxy_hide_header Content-Security-Policy;
proxy_hide_header Cross-Origin-Embedder-Policy;
proxy_hide_header Cross-Origin-Opener-Policy;
proxy_hide_header Cross-Origin-Resource-Policy;
sub_filter '</head>' '<script src="/nostr-provider.js"></script></head>';
sub_filter_once on;
}
# Serve nostr-provider.js from the main web-ui directory
location = /nostr-provider.js {
alias /opt/archipelago/web-ui/nostr-provider.js;
}
}
server {
listen 8902;
server_name _;
location / {
proxy_pass https://484.kitchen;
proxy_http_version 1.1;
proxy_set_header Host 484.kitchen;
proxy_set_header Accept-Encoding "";
proxy_ssl_server_name on;
proxy_hide_header X-Frame-Options;
proxy_hide_header Content-Security-Policy;
sub_filter '</head>' '<script src="/nostr-provider.js"></script></head>';
sub_filter_once on;
}
location = /nostr-provider.js {
alias /opt/archipelago/web-ui/nostr-provider.js;
}
}
server {
listen 8903;
server_name _;
location / {
proxy_pass https://present.l484.com;
proxy_http_version 1.1;
proxy_set_header Host present.l484.com;
proxy_set_header Accept-Encoding "";
proxy_ssl_server_name on;
proxy_hide_header X-Frame-Options;
proxy_hide_header Content-Security-Policy;
sub_filter '</head>' '<script src="/nostr-provider.js"></script></head>';
sub_filter_once on;
}
location = /nostr-provider.js {
alias /opt/archipelago/web-ui/nostr-provider.js;
}
}