From 5fc46836c8daf04e4f0beabe86a7d7e5ba1a6752 Mon Sep 17 00:00:00 2001
From: Cynthia <cynthia@cynthia.dev>
Date: Sat, 28 Jan 2023 00:02:29 +0100
Subject: [PATCH] chore: adapt nginx config

---
 .gitignore                           |  4 ++--
 CODE_OF_CONDUCT.md                   |  2 +-
 HACKING.md                           |  4 ++--
 README.md                            |  3 ++-
 conf/{nginx.prod.conf => nginx.conf} | 33 ++++++++++++----------------
 conf/nginx.dev.conf                  | 32 ---------------------------
 6 files changed, 21 insertions(+), 57 deletions(-)
 rename conf/{nginx.prod.conf => nginx.conf} (63%)
 delete mode 100644 conf/nginx.dev.conf

diff --git a/.gitignore b/.gitignore
index 21e53b2..0720793 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,5 +8,5 @@ node_modules
 *.nogit.*
 
 .env
-config.json
-conf/nginx.custom.conf
+.env.*
+!.env.example
diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
index 7e13a85..5168ad3 100644
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@@ -19,4 +19,4 @@ community.
    Extremism is dangerous and only lead to conflicts, and nobody likes conflicts. Exaggerating someone's view on a
    subject to misleadingly claim they are being offensive, oppressive, or otherwise harmful falls under this rule.
 
-You may report unappropriated behavior by shooting me an email at cynthia@cynthia.dev.
+You may report unappropriated behavior by shooting me an email at cynthia@maid.gg.
diff --git a/HACKING.md b/HACKING.md
index 3bee854..6e72080 100644
--- a/HACKING.md
+++ b/HACKING.md
@@ -14,8 +14,8 @@ This repo uses [pnpm](https://pnpm.io/) for dependency management and general ma
 troubles if you try to use another package manager.
 
 ### Development environment
-You can quickly spin up a development environment with [docker compose](https://docs.docker.com/compose/), which will
-have everything needed for PronounDB's website & API to work. It'll have hot-reloading on both the website and the API.
+You can start services needed for PronounDB with with [docker compose](https://docs.docker.com/compose/). Once services
+are up, you can run the dev server with `pnpm run dev` in the websites package.
 
 To test the extension, you can run `pnpm run dev` in the extension package to build the extension & enable automatic
 re-building when files are changed. You'll need to load the extension in your browser manually, and to refresh it
diff --git a/README.md b/README.md
index 666d596..458daf4 100644
--- a/README.md
+++ b/README.md
@@ -2,6 +2,7 @@
 [![ko-fi](https://www.ko-fi.com/img/githubbutton_sm.svg)](https://ko-fi.com/G2G71TSDF)
 
 [![License](https://img.shields.io/github/license/cyyynthia/pronoundb.org.svg?style=flat-square)](https://github.com/cyyynthia/pronoundb.org/blob/mistress/LICENSE)
+[![Chat on Discord](https://img.shields.io/badge/chat-on%20discord-5865F2?style=flat-square)](https://discord.gg/VnxPeNHHpG)<br/>
 [![Chrome Web Store](https://img.shields.io/chrome-web-store/v/nblkbiljcjfemkfjnhoobnojjgjdmknf?logo=google-chrome&logoColor=white&style=flat-square)](https://chrome.google.com/webstore/detail/pronoundb/nblkbiljcjfemkfjnhoobnojjgjdmknf)
 [![Mozilla Add-on](https://img.shields.io/amo/v/pronoundb?logo=firefox&logoColor=white&style=flat-square)](https://addons.mozilla.org/firefox/addon/pronoundb)
 [![Edge Add-on](https://img.shields.io/badge/dynamic/json?label=edge%20add-on&prefix=v&color=fe7d37&logo=microsoftedge&logoColor=white&style=flat-square&query=%24.version&url=https%3A%2F%2Fmicrosoftedge.microsoft.com%2Faddons%2Fgetproductdetailsbycrxid%2Fjbgjogfdlgjohdacngknlohahhaiaodn)](https://microsoftedge.microsoft.com/addons/detail/jbgjogfdlgjohdacngknlohahhaiaodn)
@@ -36,7 +37,7 @@ For the time being, neo-pronouns are not supported by PronounDB. However, they m
 In my [original statement](https://github.com/cyyynthia/pronoundb.org/blob/f8eaea19/README.md#faq), I stated that
 they would not be something I'll be adding - this is (probably) no longer the case.
 
-I'll be changing the way pronouns are internally handled and formatted soon, which should allow for this to happen.
+I'll be changing the way pronouns are internally handled and formatted soon:tm:, which should allow for this to happen.
 I also revised some of my plans regarding internationalization and found some compromises there too.
 
 ### Custom pronouns
diff --git a/conf/nginx.prod.conf b/conf/nginx.conf
similarity index 63%
rename from conf/nginx.prod.conf
rename to conf/nginx.conf
index 943a5aa..ecafaf8 100644
--- a/conf/nginx.prod.conf
+++ b/conf/nginx.conf
@@ -2,7 +2,7 @@
 # A good chunk of performance & security settings are not here.
 
 limit_conn_zone $binary_remote_addr zone=pdb_conn_limit_per_ip:10m;
-limit_req_zone $binary_remote_addr zone=pdb_req_limit_per_ip:10m rate=10r/s;
+limit_req_zone $binary_remote_addr zone=pdb_req_limit_per_ip:10m rate=50r/s;
 
 server {
   listen 443 ssl http2;
@@ -12,39 +12,34 @@ server {
   client_max_body_size 512K;
 
   limit_conn pdb_conn_limit_per_ip 10;
-  limit_req zone=pdb_req_limit_per_ip burst=10 nodelay;
+  limit_req zone=pdb_req_limit_per_ip burst=50 nodelay;
   limit_req_status 429;
 
-  root /home/cynthia/pronoundb.org/packages/website/dist;
-  try_files $uri @web;
+  access_log /var/log/nginx/pronoundb.access.log;
+  error_log /var/log/nginx/pronoundb.error.log error;
 
-  location /.well-known {
-    try_files $uri =403;
-  }
+  root /home/cynthia/pronoundb.org/packages/website/dist/client;
+  try_files $uri @ssr;
 
-  location /assets {
+  location /_astro {
     add_header cache-control "no-transform, public, max-age=31536000, immutable";
-    try_files $uri @web;
+    try_files $uri =404;
   }
 
-  location @web {
-    proxy_pass http://localhost:7001;
+  location /.well-known {
+    try_files $uri =404;
   }
 
-  location /api {
-    proxy_pass http://localhost:7002;
+  location /@internal {
+    deny all;
   }
 
-  # todo: deprecate?
-  location /shields {
-    proxy_pass http://localhost:7002;
+  location @ssr {
+    proxy_pass http://localhost:7003;
   }
 
   # SSL
   ssl_certificate /etc/letsencrypt/live/pronoundb.org/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/pronoundb.org/privkey.pem;
   ssl_trusted_certificate /etc/letsencrypt/live/pronoundb.org/chain.pem;
-
-  # Additonal prefs
-  include /home/cynthia/pronoundb.org/conf/nginx.custom.conf;
 }
diff --git a/conf/nginx.dev.conf b/conf/nginx.dev.conf
deleted file mode 100644
index 53a6633..0000000
--- a/conf/nginx.dev.conf
+++ /dev/null
@@ -1,32 +0,0 @@
-map $http_upgrade $connection_upgrade {
-  default upgrade;
-  ''      close;
-}
-
-server {
-  listen 80;
-  server_name localhost;
-
-  location / {
-    proxy_pass http://website:3000;
-    proxy_http_version 1.1;
-    proxy_set_header Upgrade $http_upgrade;
-    proxy_set_header Connection $connection_upgrade;
-    add_header X-Upstream "web" always;
-  }
-
-  location /metrics {
-    proxy_pass http://api:8080;
-    add_header X-Upstream "metrics" always;
-  }
-
-  location /api {
-    proxy_pass http://api:8080;
-    add_header X-Upstream "api" always;
-  }
-
-  location /shields {
-    proxy_pass http://api:8080;
-    add_header X-Upstream "api-shields" always;
-  }
-}