content/2015-11.md: Add notes for 2015-11-25

Signed-off-by: Alan Orth <alan.orth@gmail.com>

content/2015-11.md

@@ -30,3 +30,33 @@ $ psql -c 'SELECT * from pg_stat_activity;' | grep idle | grep -c cgspace
 ```
 
 - For some reason the number of idle connections is very high since we upgraded to DSpace 5
+
+## 2015-11-25
+
+- Troubleshoot the DSpace 5 OAI breakage caused by nginx routing config
+- The OAI application requests stylesheets and javascript files with the path `/oai/static/css`, which gets matched here:
+
+```
+# static assets we can load from the file system directly with nginx
+location ~ /(themes|static|aspects/ReportingSuite) {
+    try_files $uri @tomcat;
+...
+```
+
+- The document root is relative to the xmlui app, so this gets a 404—I'm not sure why it doesn't pass to `@tomcat`
+- Anyways, I can't find any URIs with path `/static`, and the more important point is to handle all the static theme assets, so we can just remove `static` from the regex for now (who cares if we can't use nginx to send Etags for OAI CSS!)
+- Also, I noticed we aren't setting CSP headers on the static assets, because in nginx headers are inherited in child blocks, but if you use `add_header` in a child block it doesn't inherit the others
+- We simply need to add `include extra-security.conf;` to the above location block (but research and test first)
+- We should add WOFF assets to the list of things to set expires for:
+
+```
+location ~* \.(?:ico|css|js|gif|jpe?g|png|woff)$ {
+```
+
+- We should also add `aspects/Statistics` to the location block for static assets (minus `static` from above):
+
+```
+location ~ /(themes|aspects/ReportingSuite|aspects/Statistics) {
+```
+
+- Need to check `/about` on CGSpace, as it's blank on my local test server and we might need to add something there