# Run as www-data user www-data www-data; # Use two worker processes worker_processes 2; # Define PID files pid /var/run/nginx.pid; # Define error log error_log /var/log/nginx/error.log; events { # max clients = worker_processes * worker_connections worker_connections 1024; } http { # Configure MIME types include /etc/nginx/mime.types; default_type application/octet-stream; # Configure network details sendfile on; keepalive_timeout 65; tcp_nodelay on; # Define access log access_log /var/log/nginx/access.log; # Configure compression (text/html is compressed by default) gzip on; gzip_min_length 1100; gzip_buffers 4 8k; gzip_types text/plain application/x-javascript application/x-shockwave-flash text/css; #NO CGI SUPPORT IN NGINX fix stat .pl later # Define fastcgi backend for web pages upstream web_backend { server 127.0.0.1:8000; server 127.0.0.1:8001; server 127.0.0.1:8002; server 127.0.0.1:8003; server 127.0.0.1:8004; server 127.0.0.1:8005; server 127.0.0.1:8006; server 127.0.0.1:8007; server 127.0.0.1:8008; server 127.0.0.1:8009; server 127.0.0.1:8010; server 127.0.0.1:8011; server 127.0.0.1:8012; server 127.0.0.1:8013; server 127.0.0.1:8014; server 127.0.0.1:8015; server 127.0.0.1:8016; server 127.0.0.1:8017; server 127.0.0.1:8018; server 127.0.0.1:8019; server 127.0.0.1:8020; server 127.0.0.1:8021; server 127.0.0.1:8022; server 127.0.0.1:8023; server 127.0.0.1:8024; server 127.0.0.1:8025; } # Define fastcgi backend for geocoder searches upstream geocoder_backend { server 127.0.0.1:8026; server 127.0.0.1:8027; server 127.0.0.1:8028; server 127.0.0.1:8029; } # Define fastcgi backend for api requests upstream api_backend { server 127.0.0.1:8030; server 127.0.0.1:8031; server 127.0.0.1:8032; server 127.0.0.1:8033; server 127.0.0.1:8034; server 127.0.0.1:8035; server 127.0.0.1:8036; server 127.0.0.1:8037; server 127.0.0.1:8038; server 127.0.0.1:8039; server 127.0.0.1:8040; server 127.0.0.1:8041; server 127.0.0.1:8042; server 127.0.0.1:8043; server 127.0.0.1:8044; } # Define fastcgi backend for bulk api requests upstream bulkapi_backend { server 10.0.0.10:8000; server 10.0.0.11:8000; server 10.0.0.12:8000; server 10.0.0.10:8001; server 10.0.0.11:8001; server 10.0.0.12:8001; server 10.0.0.10:8002; server 10.0.0.11:8002; server 10.0.0.12:8002; server 10.0.0.10:8003; server 10.0.0.11:8003; server 10.0.0.12:8003; server 10.0.0.10:8004; server 10.0.0.11:8004; server 10.0.0.12:8004; } # Define fastcgi backend for tiles@home requests upstream tah_backend { server 10.0.0.10:8005; server 10.0.0.11:8005; server 10.0.0.12:8005; } server { # Listen on port 80 listen 80; # Serve rails public files root /home/rails/public; # Use index.html as the index page index index.html; # Redirect trac requests for historical reasons location /trac/ { rewrite ^/trac/(.*)$ http://trac.openstreetmap.org/$1 permanent; } # Redirect wiki requests for historical reasons location /wiki/ { rewrite ^/wiki/(.*)$ http://wiki.openstreetmap.org/$1 permanent; } # Placeholder for blocking abuse include /etc/nginx/blocked_hosts; allow all; # Block some bulk download agents if ($http_user_agent ~* LWP::Simple|downloadosm|BBBike) { return 403; } # Block some robots if ($http_user_agent ~* msnbot|twiceler) { return 403; } # Map api.openstreetmap/0.n/... to api.openstreetmap/api/0.n/... if ($host ~* ^api\.) { rewrite ^/(0\.[0-9]+)/(.*)$ /api/$1/$2; rewrite ^/capabilities$ /api/capabilities; } # Strip asset tags location ~ ^/(images|javascripts|openlayers|stylesheets|user/image)/ { # Strip asset tags rewrite ^/(.*)/[0-9]+$ /$1; # Set expiry to the maximum - the asset tag will change # when there is a new version expires max; # Only cache OpenLayers for seven days though if ($uri ~ ^/openlayers/) { expires 7d; } } # Cache the embedded map page for seven days location ~ ^/export/embed.html$ { expires 7d; } # Include fastcgi configuration include /etc/nginx/fastcgi_params; fastcgi_param REQUEST_URI $uri; # Handle tiles@home requests location /api/ { if ($http_user_agent ~ "^tilesAtHome") { #deny all; fastcgi_pass tah_backend; break; } } # Handle bulk api requests location ~ ^/api/0\.6/(map|relation|trackpoints|amf|amf/read|swf/trackpoints|trace/[0-9]+/data)$ { fastcgi_read_timeout 300; fastcgi_pass bulkapi_backend; break; } # Send search requests to the bulk api backend location ~ ^/api/0\.6/.*/search$ { fastcgi_read_timeout 300; fastcgi_pass bulkapi_backend; break; } # Send requests for full objects to the bulk api backend location ~ ^/api/0\.6/.*/full$ { fastcgi_read_timeout 300; fastcgi_pass bulkapi_backend; break; } # Handle the remaining api requests location ~ ^/api/0\.6/ { fastcgi_pass api_backend; break; } # Deny old and unknown API versions location ~ ^/api/0\.[0-9]+/ { return 404; } # Send unversioned capabilities requests to the api backend location = /api/capabilities { fastcgi_pass api_backend; break; } # Send geocoder searches to the geocoder backend location /geocoder/ { fastcgi_pass geocoder_backend; break; } # Send everything else to the web backend unless it exists # in the rails public tree location / { fastcgi_index index.html; if (!-f $request_filename) { fastcgi_pass web_backend; break; } } # Set the MIME type for crossdomain.xml policy files # or flash will ignore it location ~ /crossdomain\.xml$ { types { text/x-cross-domain-policy xml; } } # Give munin access to some statistics location /server-status { stub_status on; access_log off; allow 127.0.0.1; deny all; } } }