# Define PID files
pid /var/run/nginx.pid;
-# Define log files
-access_log /var/log/nginx/access.log;
+# Define error log
error_log /var/log/nginx/error.log;
events {
keepalive_timeout 65;
tcp_nodelay on;
+ # Define access log
+ access_log /var/log/nginx/access.log;
+
# Configure compression (text/html is compressed by default)
gzip on;
gzip_min_length 1100;
# Use index.html as the index page
index index.html;
-
- # Include fastcgi configuration
- include /etc/nginx/fastcgi_params;
# Redirect trac requests for historical reasons
location /trac/ {
}
# Placeholder for blocking abuse
- location / {
- allow all;
+ include /etc/nginx/blocked_hosts;
+ allow all;
+
+ # Block some bulk download agents
+ if ($http_user_agent ~* LWP::Simple|downloadosm|BBBike) {
+ return 403;
}
-
+
+ # Block some robots
+ if ($http_user_agent ~* msnbot|twiceler) {
+ return 403;
+ }
+
# Map api.openstreetmap/0.n/... to api.openstreetmap/api/0.n/...
- if ($host ~* api\.(.*)) {
+ if ($host ~* ^api\.) {
rewrite ^/(0\.[0-9]+)/(.*)$ /api/$1/$2;
+ rewrite ^/capabilities$ /api/capabilities;
}
-
+
+ # Strip asset tags
+ location ~ ^/(images|javascripts|openlayers|stylesheets|user/image)/ {
+ rewrite ^/(.*)/[0-9]+$ /$1;
+ expires max;
+
+ # Handle Special Case Expiry
+ if ($uri ~ ^/openlayers/) {
+ expires 7d;
+ }
+ }
+ # Handle Special Case Expiry
+ location ~ ^/export/embed.html$ {
+ expires 7d;
+ }
+
+ # Include fastcgi configuration
+ include /etc/nginx/fastcgi_params;
+ fastcgi_param REQUEST_URI $uri;
+
# Handle tiles@home requests
location /api/ {
if ($http_user_agent ~ "^tilesAtHome") {
# Handle bulk api requests
location ~ ^/api/0\.6/(map|relation|trackpoints|amf|amf/read|swf/trackpoints|trace/[0-9]+/data)$ {
+ fastcgi_read_timeout 300;
fastcgi_pass bulkapi_backend;
break;
}
# Send search requests to the bulk api backend
location ~ ^/api/0\.6/.*/search$ {
+ fastcgi_read_timeout 300;
fastcgi_pass bulkapi_backend;
break;
}
# Send requests for full objects to the bulk api backend
location ~ ^/api/0\.6/.*/full$ {
+ fastcgi_read_timeout 300;
fastcgi_pass bulkapi_backend;
break;
}
# Deny old and unknown API versions
location ~ ^/api/0\.[0-9]+/ {
- deny all;
+ return 404;
}
- # Handle Special Case Expiry
- location ~ ^/(export|openlayers)/ {
- expires 7d;
- }
- location ~ ^/(images|javascripts|stylesheets)/ {
- expires max;
- }
-
# Send everything else to the web backend unless it exists
# in the rails public tree
location / {
}
}
+ location = /api/capabilities {
+ fastcgi_pass web_backend;
+ break;
+ }
+
# Set the MIME type for crossdomain.xml policy files
# or flash will ignore it
- location ~ /crossdomain.xml$ {
- default_type text/x-cross-domain-policy;
+ location ~ /crossdomain\.xml$ {
+ types {
+ text/x-cross-domain-policy xml;
+ }
+ }
+
+ # Give munin access to some statistics
+ location /server-status {
+ stub_status on;
+ access_log off;
+ allow 127.0.0.1;
+ deny all;
}
}
}
projects / rails.git / blobdiff