Fix proxy configuration for nginx deployment

- Disable WebSocket HMR to prevent SSL WebSocket errors - Add MIME type headers middleware for /_nuxt/ assets - Create nginx proxy configuration template - Add client-side proxy headers plugin - Update Nuxt configuration for proxy compatibility - Add comprehensive proxy setup documentation Resolves WebSocket SSL errors and MIME type issues when running behind nginx proxy.
2025-08-03 17:52:23 -06:00
parent 2f90d92ad9
commit d96e992a07
6 changed files with 408 additions and 54 deletions
--- a/server/middleware/proxy-headers.ts
+++ b/server/middleware/proxy-headers.ts
@@ -0,0 +1,59 @@
+export default defineEventHandler(async (event) => {
+  const url = getRequestURL(event)
+  
+  // Fix MIME type issues for Nuxt assets
+  if (url.pathname.startsWith('/_nuxt/')) {
+    const ext = url.pathname.split('.').pop()?.toLowerCase()
+    
+    switch (ext) {
+      case 'js':
+        setHeader(event, 'Content-Type', 'application/javascript; charset=utf-8')
+        break
+      case 'mjs':
+        setHeader(event, 'Content-Type', 'application/javascript; charset=utf-8')
+        break
+      case 'css':
+        setHeader(event, 'Content-Type', 'text/css; charset=utf-8')
+        break
+      case 'json':
+        setHeader(event, 'Content-Type', 'application/json; charset=utf-8')
+        break
+      case 'svg':
+        setHeader(event, 'Content-Type', 'image/svg+xml; charset=utf-8')
+        break
+    }
+  }
+  
+  // Handle proxy headers for API requests
+  if (url.pathname.startsWith('/api/')) {
+    // Trust proxy headers
+    const realIP = getHeader(event, 'x-real-ip') || getHeader(event, 'x-forwarded-for')
+    const proto = getHeader(event, 'x-forwarded-proto') || 'http'
+    const host = getHeader(event, 'host')
+    
+    // Set CORS headers for cross-origin requests through proxy
+    setHeader(event, 'Access-Control-Allow-Origin', '*')
+    setHeader(event, 'Access-Control-Allow-Methods', 'GET, POST, OPTIONS')
+    setHeader(event, 'Access-Control-Allow-Headers', 'Content-Type, Authorization, Range')
+    
+    // Handle music file requests specially
+    if (url.pathname.startsWith('/api/music/')) {
+      // Ensure proper caching headers for audio files
+      setHeader(event, 'Cache-Control', 'public, max-age=3600') // 1 hour cache
+      setHeader(event, 'Accept-Ranges', 'bytes')
+      
+      // Add security headers
+      setHeader(event, 'X-Content-Type-Options', 'nosniff')
+      setHeader(event, 'X-Frame-Options', 'DENY')
+    }
+  }
+  
+  // Handle OPTIONS preflight requests
+  if (event.node.req.method === 'OPTIONS') {
+    setHeader(event, 'Access-Control-Allow-Origin', '*')
+    setHeader(event, 'Access-Control-Allow-Methods', 'GET, POST, OPTIONS')
+    setHeader(event, 'Access-Control-Allow-Headers', 'Content-Type, Authorization, Range')
+    setResponseStatus(event, 200)
+    return ''
+  }
+})