# Define PID files
pid /var/run/nginx.pid;
-# Define log files
-access_log /var/log/nginx/access.log;
+# Define error log
error_log /var/log/nginx/error.log;
events {
keepalive_timeout 65;
tcp_nodelay on;
+ # Define access log
+ access_log /var/log/nginx/access.log;
+
# Configure compression (text/html is compressed by default)
gzip on;
gzip_min_length 1100;
server 127.0.0.1:8023;
server 127.0.0.1:8024;
server 127.0.0.1:8025;
+ }
+
+ # Define fastcgi backend for geocoder searches
+ upstream geocoder_backend {
server 127.0.0.1:8026;
server 127.0.0.1:8027;
server 127.0.0.1:8028;
server 10.0.0.10:8003;
server 10.0.0.11:8003;
server 10.0.0.12:8003;
+ server 10.0.0.10:8004;
+ server 10.0.0.11:8004;
+ server 10.0.0.12:8004;
}
# Define fastcgi backend for tiles@home requests
upstream tah_backend {
- server 10.0.0.10:8004;
- server 10.0.0.11:8004;
- server 10.0.0.12:8004;
server 10.0.0.10:8005;
server 10.0.0.11:8005;
server 10.0.0.12:8005;
# Use index.html as the index page
index index.html;
-
- # Include fastcgi configuration
- include /etc/nginx/fastcgi_params;
# Redirect trac requests for historical reasons
location /trac/ {
}
# Placeholder for blocking abuse
- location / {
- allow all;
+ include /etc/nginx/blocked_hosts;
+ allow all;
+
+ # Block some bulk download agents
+ if ($http_user_agent ~* LWP::Simple|downloadosm|BBBike) {
+ return 403;
}
-
+
+ # Block some robots
+ if ($http_user_agent ~* msnbot|twiceler) {
+ return 403;
+ }
+
# Map api.openstreetmap/0.n/... to api.openstreetmap/api/0.n/...
- if ($host ~* api\.(.*)) {
+ if ($host ~* ^api\.) {
rewrite ^/(0\.[0-9]+)/(.*)$ /api/$1/$2;
+ rewrite ^/capabilities$ /api/capabilities;
}
-
+
+ # Strip asset tags
+ location ~ ^/(images|javascripts|openlayers|stylesheets|user/image)/ {
+ # Strip asset tags
+ rewrite ^/(.*)/[0-9]+$ /$1;
+
+ # Set expiry to the maximum - the asset tag will change
+ # when there is a new version
+ expires max;
+
+ # Only cache OpenLayers for seven days though
+ if ($uri ~ ^/openlayers/) {
+ expires 7d;
+ }
+ }
+
+ # Cache the embedded map page for seven days
+ location ~ ^/export/embed.html$ {
+ expires 7d;
+ }
+
+ # Include fastcgi configuration
+ include /etc/nginx/fastcgi_params;
+ fastcgi_param REQUEST_URI $uri;
+
# Handle tiles@home requests
location /api/ {
if ($http_user_agent ~ "^tilesAtHome") {
# Handle bulk api requests
location ~ ^/api/0\.6/(map|relation|trackpoints|amf|amf/read|swf/trackpoints|trace/[0-9]+/data)$ {
+ fastcgi_read_timeout 300;
fastcgi_pass bulkapi_backend;
break;
}
# Send search requests to the bulk api backend
location ~ ^/api/0\.6/.*/search$ {
+ fastcgi_read_timeout 300;
fastcgi_pass bulkapi_backend;
break;
}
# Send requests for full objects to the bulk api backend
location ~ ^/api/0\.6/.*/full$ {
+ fastcgi_read_timeout 300;
fastcgi_pass bulkapi_backend;
break;
}
# Deny old and unknown API versions
location ~ ^/api/0\.[0-9]+/ {
- deny all;
+ return 404;
}
- # Handle Special Case Expiry
- location ~ ^/(export|openlayers)/ {
- expires 7d;
+ # Send unversioned capabilities requests to the api backend
+ location = /api/capabilities {
+ fastcgi_pass api_backend;
+ break;
}
- location ~ ^/(images|javascripts|stylesheets)/ {
- expires max;
+
+ # Send geocoder searches to the geocoder backend
+ location /geocoder/ {
+ fastcgi_pass geocoder_backend;
+ break;
}
# Send everything else to the web backend unless it exists
# Set the MIME type for crossdomain.xml policy files
# or flash will ignore it
- location ~ /crossdomain.xml$ {
- default_type text/x-cross-domain-policy;
+ location ~ /crossdomain\.xml$ {
+ types {
+ text/x-cross-domain-policy xml;
+ }
+ }
+
+ # Give munin access to some statistics
+ location /server-status {
+ stub_status on;
+ access_log off;
+ allow 127.0.0.1;
+ deny all;
}
}
}