From a9a1a3987afc6023826941e137da4f6b156dda51 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Sat, 11 Dec 2021 09:50:51 -0500
Subject: [PATCH] add preload/push for main page phone image

---
 nginx/nginx.conf            | 17 +++++++++++++++++
 nginx/snippets/preload.conf |  2 +-
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/nginx/nginx.conf b/nginx/nginx.conf
index 22960619..b85a4c95 100644
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@@ -73,6 +73,10 @@ http {
 
     if_modified_since before;
 
+    map $uri $preload_resources_uri {
+        /index.html ", </phone.png>; rel=preload; as=image";
+    }
+
     map $http_cookie $nopush {
         ~__Host-preload=1 1;
         default 0;
@@ -98,6 +102,10 @@ http {
         0 "{{path|/mask-icon.svg}}";
     }
 
+    map $nopush $push_phone {
+        0 /phone.png;
+    }
+
     server {
         listen 80 backlog=4096;
         listen [::]:80 backlog=4096;
@@ -302,6 +310,15 @@ http {
             default_type application/json;
         }
 
+        location = / {
+            include snippets/security-headers.conf;
+            add_header Cross-Origin-Resource-Policy "same-origin" always;
+            add_header Cache-Control "public, no-cache";
+            include snippets/preload.conf;
+            http2_push $push_phone;
+            try_files /index.html =404;
+        }
+
         location = /install/web {
             include snippets/security-headers-base.conf;
             add_header Content-Security-Policy "default-src 'none'; child-src 'self'; connect-src 'self' https://releases.grapheneos.org/; font-src 'self'; img-src 'self'; manifest-src 'self'; script-src 'self'; style-src 'self'; form-action 'none'; frame-ancestors 'none'; block-all-mixed-content; base-uri 'none'" always;
diff --git a/nginx/snippets/preload.conf b/nginx/snippets/preload.conf
index 67ba6fd4..96db1dc0 100644
--- a/nginx/snippets/preload.conf
+++ b/nginx/snippets/preload.conf
@@ -1,4 +1,4 @@
-add_header Link "<{{path|/main.css}}>; rel=preload; as=style; integrity={{integrity|/main.css}}, </fonts/roboto-v29-regular-latin.woff2>; rel=preload; as=font; crossorigin, </fonts/roboto-v29-bold-latin.woff2>; rel=preload; as=font; crossorigin, <{{path|/mask-icon.svg}}>; rel=preload; as=image" always;
+add_header Link "<{{path|/main.css}}>; rel=preload; as=style; integrity={{integrity|/main.css}}, </fonts/roboto-v29-regular-latin.woff2>; rel=preload; as=font; crossorigin, </fonts/roboto-v29-bold-latin.woff2>; rel=preload; as=font; crossorigin, <{{path|/mask-icon.svg}}>; rel=preload; as=image$preload_resources_uri" always;
 add_header Set-Cookie $push_cookie always;
 http2_push $push_stylesheet;
 http2_push $push_font_regular;