Add proxy cache

This commit is contained in:
byte[] 2022-05-14 20:33:31 -04:00
parent 07862b0d0c
commit f2b6593da2
2 changed files with 21 additions and 48 deletions

View file

@ -9,6 +9,7 @@ RUN apk add --no-cache gettext curl perl && opm get jkeys089/lua-resty-hmac=0.06
COPY docker/web/aws-signature.lua /etc/nginx/lua COPY docker/web/aws-signature.lua /etc/nginx/lua
COPY docker/web/nginx.conf /tmp/docker.nginx COPY docker/web/nginx.conf /tmp/docker.nginx
RUN envsubst '$APP_DIR $S3_SCHEME $S3_HOST $S3_PORT $S3_BUCKET' < /tmp/docker.nginx > /etc/nginx/conf.d/default.conf && \ RUN envsubst '$APP_DIR $S3_SCHEME $S3_HOST $S3_PORT $S3_BUCKET' < /tmp/docker.nginx > /etc/nginx/conf.d/default.conf && \
mkdir -p /var/www/cache/tmp && \
echo 'env AWS_ACCESS_KEY_ID;' >> /usr/local/openresty/nginx/conf/nginx.conf && \ echo 'env AWS_ACCESS_KEY_ID;' >> /usr/local/openresty/nginx/conf/nginx.conf && \
echo 'env AWS_SECRET_ACCESS_KEY;' >> /usr/local/openresty/nginx/conf/nginx.conf echo 'env AWS_SECRET_ACCESS_KEY;' >> /usr/local/openresty/nginx/conf/nginx.conf
EXPOSE 80 EXPOSE 80

View file

@ -45,6 +45,8 @@ init_by_lua_block {
end end
} }
proxy_cache_path /var/www/cache levels=1:2 keys_zone=s3-cache:8m max_size=1000m inactive=600m;
server { server {
listen 80 default; listen 80 default;
listen [::]:80; listen [::]:80;
@ -54,10 +56,13 @@ server {
client_max_body_size 125000000; client_max_body_size 125000000;
client_body_buffer_size 128k; client_body_buffer_size 128k;
location ~ ^/img/view/(.+)/([0-9]+).*\.([A-Za-z0-9]+)$ { location /$S3_BUCKET {
rewrite ^/img/view/(.+)/([0-9]+).*\.([A-Za-z0-9]+)$ "/$S3_BUCKET/images/$1/$2/full.$3" break; internal;
access_by_lua "sign_aws_request()"; access_by_lua "sign_aws_request()";
proxy_pass "$S3_SCHEME://$S3_HOST:$S3_PORT"; proxy_pass "$S3_SCHEME://$S3_HOST:$S3_PORT";
proxy_cache s3-cache;
proxy_cache_valid 1h;
proxy_hide_header Content-Type; proxy_hide_header Content-Type;
proxy_ssl_server_name on; proxy_ssl_server_name on;
@ -68,8 +73,11 @@ server {
location ~ ^/img/download/(.+)/([0-9]+).*\.([A-Za-z0-9]+)$ { location ~ ^/img/download/(.+)/([0-9]+).*\.([A-Za-z0-9]+)$ {
rewrite ^/img/download/(.+)/([0-9]+).*\.([A-Za-z0-9]+)$ "/$S3_BUCKET/images/$1/$2/full.$3" break; rewrite ^/img/download/(.+)/([0-9]+).*\.([A-Za-z0-9]+)$ "/$S3_BUCKET/images/$1/$2/full.$3" break;
access_by_lua "sign_aws_request()"; access_by_lua "sign_aws_request()";
proxy_pass "$S3_SCHEME://$S3_HOST:$S3_PORT"; proxy_pass "$S3_SCHEME://$S3_HOST:$S3_PORT";
proxy_cache s3-cache;
proxy_cache_valid 1h;
proxy_hide_header Content-Type; proxy_hide_header Content-Type;
proxy_ssl_server_name on; proxy_ssl_server_name on;
@ -79,40 +87,20 @@ server {
add_header Content-Disposition "attachment"; add_header Content-Disposition "attachment";
} }
location ~ ^/img/(.+)$ { location ~ ^/img/view/(.+)/([0-9]+).*\.([A-Za-z0-9]+)$ {
rewrite ^/img/(.+)$ "/$S3_BUCKET/images/$1" break; rewrite ^/img/view/(.+)/([0-9]+).*\.([A-Za-z0-9]+)$ "/$S3_BUCKET/images/$1/$2/full.$3" last;
access_by_lua "sign_aws_request()"; }
proxy_pass "$S3_SCHEME://$S3_HOST:$S3_PORT";
proxy_hide_header Content-Type;
proxy_ssl_server_name on;
expires max; location ~ ^/img/(.+)$ {
add_header Cache-Control public; rewrite ^/img/(.+)$ "/$S3_BUCKET/images/$1" last;
add_header Content-Type $custom_content_type;
} }
location ~ ^/spns/(.+) { location ~ ^/spns/(.+) {
rewrite ^/spns/(.+)$ "/$S3_BUCKET/adverts/$1" break; rewrite ^/spns/(.+)$ "/$S3_BUCKET/adverts/$1" last;
access_by_lua "sign_aws_request()";
proxy_pass "$S3_SCHEME://$S3_HOST:$S3_PORT";
proxy_hide_header Content-Type;
proxy_ssl_server_name on;
expires max;
add_header Cache-Control public;
add_header Content-Type $custom_content_type;
} }
location ~ ^/avatars/(.+) { location ~ ^/avatars/(.+) {
rewrite ^/avatars/(.+)$ "/$S3_BUCKET/avatars/$1" break; rewrite ^/avatars/(.+)$ "/$S3_BUCKET/avatars/$1" last;
access_by_lua "sign_aws_request()";
proxy_pass "$S3_SCHEME://$S3_HOST:$S3_PORT";
proxy_hide_header Content-Type;
proxy_ssl_server_name on;
expires max;
add_header Cache-Control public;
add_header Content-Type $custom_content_type;
} }
# The following two location blocks use an -img suffix to avoid # The following two location blocks use an -img suffix to avoid
@ -120,27 +108,11 @@ server {
# is not necessary since assets will be on a distinct domain. # is not necessary since assets will be on a distinct domain.
location ~ ^/badge-img/(.+) { location ~ ^/badge-img/(.+) {
rewrite ^/badge-img/(.+)$ "/$S3_BUCKET/badges/$1" break; rewrite ^/badge-img/(.+)$ "/$S3_BUCKET/badges/$1" last;
access_by_lua "sign_aws_request()";
proxy_pass "$S3_SCHEME://$S3_HOST:$S3_PORT";
proxy_hide_header Content-Type;
proxy_ssl_server_name on;
expires max;
add_header Cache-Control public;
add_header Content-Type $custom_content_type;
} }
location ~ ^/tag-img/(.+) { location ~ ^/tag-img/(.+) {
rewrite ^/tag-img/(.+)$ "/$S3_BUCKET/tags/$1" break; rewrite ^/tag-img/(.+)$ "/$S3_BUCKET/tags/$1" last;
access_by_lua "sign_aws_request()";
proxy_pass "$S3_SCHEME://$S3_HOST:$S3_PORT";
proxy_hide_header Content-Type;
proxy_ssl_server_name on;
expires max;
add_header Cache-Control public;
add_header Content-Type $custom_content_type;
} }
location / { location / {