Mini Shell

####
# per NGINX (http://nginx.org/en/docs/http/ngx_http_gzip_module.html):
#    - When using the SSL/TLS protocol, compressed responses may be subject to BREACH attacks.
#    - https://en.wikipedia.org/wiki/BREACH
# The best mitigation (besides not using compression at all) is:
#    1. Not sending sensitive data as part of your HTTP response
#    2. Use strict samesite cookies
#       - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite
#
# If that is not an acceptable risk please uninstall `ea-nginx-brotli`
##

# enable it and make it work
brotli on;
brotli_static on;

# tune it
brotli_buffers 16 8k;
brotli_comp_level 5;
brotli_min_length 256;

# text/html is always included so it does not need to be in `brotli_types`
# if you do add it you will getting:
#    `nginx: [warn] duplicate MIME type "text/html" in …`
brotli_types
           application/atom+xml
           application/javascript
           application/json
           application/ld+json
           application/manifest+json
           application/rss+xml
           application/vnd.geo+json
           application/vnd.ms-fontobject
           application/x-font-opentype
           application/x-font-truetype
           application/x-font-ttf
           application/x-javascript
           application/x-web-app-manifest+json
           application/xhtml+xml
           application/xml
           font/eot
           font/opentype
           font/otf
           font/truetype
           image/bmp
           image/svg+xml
           image/vnd.microsoft.icon
           image/x-icon
           image/x-win-bitmap
           text/cache-manifest
           text/css
           text/json
           text/javascript
           text/plain
           text/shtml
           text/vcard
           text/vnd.rim.location.xloc
           text/vtt
           text/x-component
           text/x-cross-domain-policy
           text/x-js
           text/xml;