worker_processes 2; error_log /var/logs/nginx/mydomain.error.log; pid /var/run/nginx.pid; include /usr/share/nginx/modules/*.conf; # See /usr/share/doc/nginx/README.dynamic. events { worker_connections 1024; ## Default: 1024 use epoll; # http://nginx.org/en/docs/events.html multi_accept on; # http://nginx.org/en/docs/ngx_core_module.html#multi_accept } # Core Modules Docs: # http://nginx.org/en/docs/http/ngx_http_core_module.html http { include '/etc/nginx/mime.types'; default_type application/octet-stream; keepalive_timeout 65; keepalive_requests 100000; tcp_nopush on; tcp_nodelay on; # Nginx `listener` block server { listen [::]:80 default_server; listen 80; gzip on; gzip_types text/css application/javascript application/json image/svg+xml; gzip_comp_level 9; etag on; # Reverse Proxy for `orthanc` APIs (including DICOMWeb) # location /pacs/ { proxy_http_version 1.1; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; expires 0; add_header Cache-Control private; # Add CORS headers # Note: uncomment the following line to allow all domains to access the Orthanc APIs # You should actually only allow the domains you trust to access the APIs # add_header 'Access-Control-Allow-Origin' '*' always; proxy_pass http://orthanc:8042/; # By default, this endpoint is protected by CORS (cross-origin-resource-sharing) # You can add headers to allow other domains to request this resource. # See the "Updating CORS Settings" example below } # Do not cache sw.js, required for offline-first updates. location /sw.js { add_header Cache-Control "no-cache"; proxy_cache_bypass $http_pragma; proxy_cache_revalidate on; expires off; access_log off; } # Single Page App # Try files, fallback to index.html # location / { root /var/www/html; index index.html; try_files $uri $uri/ /index.html; add_header Cache-Control "no-store, no-cache, must-revalidate"; add_header 'Cross-Origin-Opener-Policy' 'same-origin' always; add_header 'Cross-Origin-Embedder-Policy' 'require-corp' always; } } }