Last active
April 25, 2019 21:32
-
-
Save noogen/57bf47e4cd227f584b6ed8c4c9eb3eb6 to your computer and use it in GitHub Desktop.
demo-server.conf
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| proxy_cache_path /tmp/nginx/cache levels=1:2 keys_zone=remoteimages:10m max_size=1g inactive=45m; | |
| server { | |
| listen 80; | |
| listen [::]:80 ipv6only=on; | |
| listen 443 ssl; | |
| listen [::]:443 ipv6only=on ssl; | |
| ssl_certificate /etc/nginx/ssl/placeholder-fullchain.crt; | |
| ssl_certificate_key /etc/nginx/ssl/placeholder-privkey.key; | |
| set $width -; | |
| set $height -; | |
| set $rotate 0; | |
| set $quality 96; # default to best quality in case image previously optimized | |
| set $sharpen 0; | |
| set $debugkey "empty"; | |
| set $myhost ""; | |
| set $ofmt ""; | |
| set $debugcode ""; | |
| # image_filter_crop_offset {left,center,right} {top,center,bottom}; | |
| set $crop_offx left; | |
| set $crop_offy top; | |
| server_name _; | |
| root /usr/share/nginx/html; | |
| index index.html index.htm; | |
| # error should simply return as error so user can use image onerror handler | |
| # error_page 403 = @403; | |
| # error_page 404 = @404; | |
| # error_page 415 = @415; | |
| # error_page 500 = @500; | |
| # error_page 502 503 504 = @empty; | |
| error_page 301 302 307 = @handle_redirect; | |
| # begin image_filter stuff | |
| resolver 8.8.8.8 8.8.4.4; | |
| image_filter_buffer 20M; | |
| image_filter_interlace on; | |
| # needed to allow uri protocol slashes from being merged | |
| merge_slashes off; | |
| # proxy_redirect off; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header User-Agent "$http_user_agent"; | |
| proxy_connect_timeout 30s; | |
| proxy_send_timeout 30s; | |
| proxy_read_timeout 30s; | |
| proxy_temp_path /var/cache/nginx/temp; | |
| # prevent client headers from going to origin | |
| proxy_pass_request_headers off; | |
| proxy_ignore_headers Vary Expires Set-Cookie Cache-Control; | |
| proxy_pass_header P3P; | |
| proxy_cache_min_uses 2; | |
| proxy_cache remoteimages; | |
| proxy_ssl_server_name on; | |
| proxy_intercept_errors on; | |
| proxy_cache_use_stale updating error timeout http_500 http_502 http_503 http_504; | |
| proxy_cache_background_update on; | |
| # valid for "any" http status within 10 minutes | |
| proxy_cache_valid any 10m; | |
| proxy_cache_valid 301 302 307 0s; | |
| proxy_cache_key $request_uri; | |
| # only allow GET method | |
| proxy_method GET; | |
| location /healthcheck { | |
| default_type text/plain; | |
| return 200 "OK"; | |
| } | |
| location ~* ^/rx/([^\/]+)/(.*) { | |
| set $myargs "$1"; | |
| set $protocol "http"; | |
| set $image_uri "$2"; | |
| set $cmd "resize"; | |
| set $image_path ""; | |
| set $clean_uri ""; | |
| # if no protocol in URL, add them | |
| if ($image_uri !~ "(http:|https:)") { | |
| set $image_uri "http://$image_uri"; | |
| } | |
| # now process the real image url | |
| if ($image_uri ~ "^(http|https)+([:\/]+)([^/]*)(.*)") { | |
| set $protocol $1; | |
| set $myhost $3; | |
| set $image_path $4; | |
| set $image_uri "$protocol://$myhost$image_path"; | |
| } | |
| # change this to whitelist your host | |
| # if ($myhost !~ ".*(host1.com|host2.org|host3.edu|host4.net|host5.info)$") { | |
| # set $image_uri ""; | |
| # set $debugkey "$myhost=denied"; | |
| # return 403; | |
| # break; | |
| # } | |
| # width | |
| if ($myargs ~ "^(\d+)\D*") { | |
| set $width $1; | |
| } | |
| if ($myargs ~ "w([_]*)(\d+)") { | |
| set $width $2; | |
| } | |
| if ($arg_w) { | |
| set $width $arg_w; | |
| } | |
| # height | |
| if ($myargs ~ "x(\d+)") { | |
| set $height $1; | |
| } | |
| if ($myargs ~ "h([_]*)(\d+)") { | |
| set $height $2; | |
| } | |
| if ($arg_h) { | |
| set $height $arg_h; | |
| } | |
| # quality | |
| if ($myargs ~ "q([_]*)(\d+)") { | |
| set $quality $2; | |
| } | |
| if ($arg_q) { | |
| set $quality $arg_q; | |
| } | |
| # rotate | |
| if ($myargs ~ "r([_]*)(\d+)") { | |
| set $rotate $2; | |
| } | |
| if ($arg_r) { | |
| set $rotate $arg_r; | |
| } | |
| # gravity | |
| if ($myargs ~ "Center") { | |
| set $crop_offx center; | |
| set $crop_offy center; | |
| } | |
| if ($arg_g ~ "Center") { | |
| set $crop_offx center; | |
| set $crop_offy center; | |
| } | |
| if ($myargs ~ "South") { | |
| set $crop_offy bottom; | |
| } | |
| if ($arg_g ~ "South") { | |
| set $crop_offy bottom; | |
| } | |
| if ($myargs ~ "East") { | |
| set $crop_offx right; | |
| } | |
| if ($arg_g ~ "East") { | |
| set $crop_offx right; | |
| } | |
| # sharpen | |
| if ($myargs ~ "e([_]*)(\d+)") { | |
| set $sharpen $2; | |
| } | |
| if ($arg_e) { | |
| set $sharpen $arg_e; | |
| } | |
| # output format | |
| if ($myargs ~ "ofmt([_]*)(\w+)") { | |
| set $ofmt $2; | |
| } | |
| if ($arg_ofmt) { | |
| set $ofmt $arg_ofmt; | |
| } | |
| # crop | |
| if ($myargs ~ "c([_]*)1") { | |
| set $cmd "crop"; | |
| } | |
| if ($arg_c = "1") { | |
| set $cmd "crop"; | |
| } | |
| if ($myargs ~ "g_+") { | |
| set $cmd "crop"; | |
| } | |
| if ($arg_g) { | |
| set $cmd "crop"; | |
| } | |
| # watermark | |
| if ($myargs ~ "water([_]*)1") { | |
| set $cmd "water"; | |
| } | |
| set $debugkey "$image_uri?w=$width&h=$height&q=$quality&r=$rotate&e=$sharpen&cmd=$cmd&ofmt=$ofmt"; | |
| set_unescape_uri $clean_uri "$image_uri$is_args$args"; | |
| rewrite ^ /cmd/$cmd last; | |
| } | |
| location /cmd/resize { | |
| internal; | |
| proxy_pass $clean_uri; | |
| include /etc/nginx/sites-enabled/proxy-hide-headers.common; | |
| add_header X-ImageProxy-Cache $upstream_cache_status; | |
| add_header X-ImageProxy-Debug $debugkey; | |
| expires 24h; | |
| add_header Cache-Control "public"; | |
| #image_filter_water_image /app/logo.png; | |
| #image_filter_water_pos center; | |
| image_filter_scale_max 3; | |
| image_filter_sharpen $sharpen; | |
| image_filter_jpeg_quality $quality; | |
| image_filter_webp_quality $quality; | |
| image_filter_output $ofmt; | |
| image_filter rotate $rotate; | |
| # image_filter resize $width $height; | |
| image_filter resize $width $height; | |
| } | |
| location /cmd/water { | |
| internal; | |
| proxy_pass $clean_uri; | |
| include /etc/nginx/sites-enabled/proxy-hide-headers.common; | |
| add_header X-ImageProxy-Cache $upstream_cache_status; | |
| add_header X-ImageProxy-Debug $debugkey; | |
| expires 24h; | |
| add_header Cache-Control "public"; | |
| image_filter_water_image /app/logo.png; | |
| #image_filter_water_pos center; | |
| image_filter_scale_max 3; | |
| image_filter_sharpen $sharpen; | |
| image_filter_jpeg_quality $quality; | |
| image_filter_webp_quality $quality; | |
| image_filter_output $ofmt; | |
| image_filter rotate $rotate; | |
| image_filter resize $width $height; | |
| } | |
| location /cmd/crop { | |
| internal; | |
| proxy_pass $clean_uri; | |
| include /etc/nginx/sites-enabled/proxy-hide-headers.common; | |
| add_header X-ImageProxy-Cache $upstream_cache_status; | |
| add_header X-ImageProxy-Debug $debugkey; | |
| expires 24h; | |
| add_header Cache-Control "public"; | |
| #image_filter_water_image /app/logo.png; | |
| #image_filter_water_pos center; | |
| image_filter_scale_max 3; | |
| image_filter_sharpen $sharpen; | |
| image_filter_jpeg_quality $quality; | |
| image_filter_webp_quality $quality; | |
| image_filter_output $ofmt; | |
| image_filter rotate $rotate; | |
| image_filter_crop_offset $crop_offx $crop_offy; | |
| image_filter crop $width $height; | |
| } | |
| location @handle_redirect { | |
| set $image_uri "$upstream_http_location"; | |
| # if relative url, append base path | |
| if ($image_uri !~ "(http:|https:)") { | |
| set $image_uri "$protocol://$myhost$image_uri"; | |
| } | |
| set_unescape_uri $clean_uri "http://127.0.0.1/rx/$myargs/$image_uri"; | |
| proxy_cache_bypass 1; | |
| proxy_pass $clean_uri; | |
| } | |
| location @403 { | |
| add_header X-ImageProxy-Code 403 always; | |
| add_header X-ImageProxy-Debug $debugkey always; | |
| empty_gif; | |
| } | |
| location @404 { | |
| add_header X-ImageProxy-Code 404 always; | |
| add_header X-ImageProxy-Debug $debugkey always; | |
| empty_gif; | |
| } | |
| location @415 { | |
| add_header X-ImageProxy-Code 415 always; | |
| add_header X-ImageProxy-Debug $debugkey always; | |
| empty_gif; | |
| } | |
| location @500 { | |
| add_header X-ImageProxy-Code 500 always; | |
| add_header X-ImageProxy-Debug $debugkey always; | |
| empty_gif; | |
| } | |
| location @empty { | |
| add_header X-ImageProxy-Debug $debugkey always; | |
| empty_gif; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment