-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathnetlify.toml
More file actions
81 lines (69 loc) · 2.26 KB
/
netlify.toml
File metadata and controls
81 lines (69 loc) · 2.26 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
# Netlify Configuration for SOHAM
# Production-ready settings for Next.js PWA deployment
[build]
command = "npm run build"
# Do NOT set publish directory when using @netlify/plugin-nextjs
# The plugin handles deployment automatically
# Function configuration
[functions]
# Increase timeout for TTS endpoint (default is 10s, max is 26s for Pro)
# This allows TTS to try multiple endpoints before timing out
node_bundler = "esbuild"
# Use the official Netlify Next.js plugin
[[plugins]]
package = "@netlify/plugin-nextjs"
# Environment variables for build
[build.environment]
NODE_VERSION = "20"
NPM_FLAGS = "--legacy-peer-deps"
NEXT_TELEMETRY_DISABLED = "1"
SKIP_ENV_VALIDATION = "true"
# Disable secret scanning for public Next.js environment variables
# These NEXT_PUBLIC_* variables are intentionally public and safe
SECRETS_SCAN_ENABLED = "false"
# Force fresh build - disable all caching
NETLIFY_USE_YARN = "false"
NETLIFY_USE_PNPM = "false"
# Headers for PWA and security
[[headers]]
for = "/*"
[headers.values]
X-Frame-Options = "DENY"
X-Content-Type-Options = "nosniff"
X-XSS-Protection = "1; mode=block"
Referrer-Policy = "strict-origin-when-cross-origin"
Permissions-Policy = "camera=(), microphone=(self), geolocation=()"
# Service Worker headers
[[headers]]
for = "/sw.js"
[headers.values]
Cache-Control = "public, max-age=0, must-revalidate"
Content-Type = "application/javascript"
# Manifest headers
[[headers]]
for = "/manifest.json"
[headers.values]
Cache-Control = "public, max-age=0, must-revalidate"
Content-Type = "application/manifest+json"
# Static assets caching
[[headers]]
for = "/icons/*"
[headers.values]
Cache-Control = "public, max-age=31536000, immutable"
[[headers]]
for = "/_next/static/*"
[headers.values]
Cache-Control = "public, max-age=31536000, immutable"
# Redirects for SPA routing
[[redirects]]
from = "/offline"
to = "/offline.html"
status = 200
# API routes should not be cached
[[headers]]
for = "/api/*"
[headers.values]
Cache-Control = "no-store, no-cache, must-revalidate"
Access-Control-Allow-Origin = "*"
Access-Control-Allow-Methods = "GET, POST, PUT, DELETE, OPTIONS"
Access-Control-Allow-Headers = "Content-Type, Authorization"