fix nginx config images

lexCoder2 · lexCoder2 · commit ad664b4acd44 · 2025-12-16T05:46:19.000Z
diff --git a/deployment/nginx/posdic-local.conf b/deployment/nginx/posdic-local.conf
@@ -58,15 +58,21 @@ server {
         }
     }
 
-    # Product images
-    location /product_images {
-        alias /var/www/posdic/backend/product_images;
+    # Product images - must come before static files regex
+    location /product_images/ {
+        alias /var/www/posdic/backend/product_images/;
         expires 7d;
         add_header Cache-Control "public";
+
+        # CORS headers for mobile app support
+        add_header Access-Control-Allow-Origin $http_origin always;
+        add_header Access-Control-Allow-Methods "GET, OPTIONS" always;
+        add_header Access-Control-Allow-Headers "Content-Type, Authorization, X-Requested-With" always;
+        add_header Access-Control-Allow-Credentials "true" always;
     }
 
-    # Static files with cache
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
+    # Static files with cache (excluding product_images to avoid conflict)
+    location ~* ^/(?!product_images/).*\.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
         expires 30d;
         add_header Cache-Control "public";
     }
@@ -112,7 +118,7 @@ server {
     gzip_vary on;
     gzip_min_length 1024;
     gzip_comp_level 6;
-    gzip_types text/plain text/css text/xml text/javascript 
+    gzip_types text/plain text/css text/xml text/javascript
                application/json application/javascript application/xml+rss;
 
     # API Backend
@@ -126,29 +132,35 @@ server {
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         proxy_set_header X-Forwarded-Proto $scheme;
         proxy_cache_bypass $http_upgrade;
-        
+
         # CORS headers for mobile app support (development)
         add_header Access-Control-Allow-Origin $http_origin always;
         add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, PATCH, OPTIONS" always;
         add_header Access-Control-Allow-Headers "Content-Type, Authorization, X-Requested-With" always;
         add_header Access-Control-Allow-Credentials "true" always;
         add_header Access-Control-Max-Age 3600 always;
-        
+
         # Handle preflight OPTIONS requests
         if ($request_method = 'OPTIONS') {
             return 204;
         }
     }
 
-    # Product images
-    location /product_images {
-        alias /var/www/posdic/backend/product_images;
+    # Product images - must come before static files regex
+    location /product_images/ {
+        alias /var/www/posdic/backend/product_images/;
         expires 7d;
         add_header Cache-Control "public";
+
+        # CORS headers for mobile app support
+        add_header Access-Control-Allow-Origin $http_origin always;
+        add_header Access-Control-Allow-Methods "GET, OPTIONS" always;
+        add_header Access-Control-Allow-Headers "Content-Type, Authorization, X-Requested-With" always;
+        add_header Access-Control-Allow-Credentials "true" always;
     }
 
-    # Static files with cache
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
+    # Static files with cache (excluding product_images to avoid conflict)
+    location ~* ^/(?!product_images/).*\.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
         expires 30d;
         add_header Cache-Control "public";
     }
diff --git a/deployment/nginx/posdic.conf b/deployment/nginx/posdic.conf
@@ -96,15 +96,21 @@ server {
         add_header Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0";
     }
 
-    # Product images
-    location /product_images {
-        alias /var/www/posdic/backend/product_images;
+    # Product images - must come before static files regex
+    location /product_images/ {
+        alias /var/www/posdic/backend/product_images/;
         expires 7d;
         add_header Cache-Control "public, immutable";
+
+        # CORS headers for mobile app support
+        add_header Access-Control-Allow-Origin $http_origin always;
+        add_header Access-Control-Allow-Methods "GET, OPTIONS" always;
+        add_header Access-Control-Allow-Headers "Content-Type, Authorization, X-Requested-With" always;
+        add_header Access-Control-Allow-Credentials "true" always;
     }
 
-    # Static files with cache
-    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
+    # Static files with cache (excluding product_images to avoid conflict)
+    location ~* ^/(?!product_images/).*\.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
         expires 1y;
         add_header Cache-Control "public, immutable";
         access_log off;
