X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/b90e70bd914823701fa1db8dcab52833c230c42b..cfaf23fefee30983bd314e0fdc6b9c9db7a65102:/config/nginx.conf diff --git a/config/nginx.conf b/config/nginx.conf index 04a87ebc2..1f94ee9d7 100644 --- a/config/nginx.conf +++ b/config/nginx.conf @@ -1,172 +1,212 @@ -user www-data; -worker_processes 1; - -error_log /var/log/nginx/error.log; -pid /var/run/nginx.pid; - -events { - worker_connections 1024; -} - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - #access_log /var/log/nginx/access.log; - - sendfile on; - #tcp_nopush on; - - #keepalive_timeout 0; - keepalive_timeout 65; - tcp_nodelay on; - - gzip on; - gzip_min_length 1100; - gzip_buffers 4 8k; - # text/html is added gzip_types by default - gzip_types text/plain application/x-javascript application/x-shockwave-flash text/css; - #NO CGI SUPPORT IN NGINX fix stat .pl later - - upstream web_backend { - server 127.0.0.1:8000; - server 127.0.0.1:8001; - server 127.0.0.1:8002; - server 127.0.0.1:8003; - server 127.0.0.1:8004; - server 127.0.0.1:8005; - server 127.0.0.1:8006; - server 127.0.0.1:8007; - server 127.0.0.1:8008; - server 127.0.0.1:8009; - server 127.0.0.1:8010; - server 127.0.0.1:8011; - server 127.0.0.1:8012; - server 127.0.0.1:8013; - server 127.0.0.1:8014; - server 127.0.0.1:8015; - server 127.0.0.1:8016; - server 127.0.0.1:8017; - server 127.0.0.1:8018; - server 127.0.0.1:8019; - server 127.0.0.1:8020; - server 127.0.0.1:8021; - server 127.0.0.1:8022; - server 127.0.0.1:8023; - server 127.0.0.1:8024; - server 127.0.0.1:8025; - server 127.0.0.1:8026; - server 127.0.0.1:8027; - server 127.0.0.1:8028; - server 127.0.0.1:8029; - } - - upstream api_backend { - server 127.0.0.1:8030; - server 127.0.0.1:8031; - server 127.0.0.1:8032; - server 127.0.0.1:8033; - server 127.0.0.1:8034; - server 127.0.0.1:8035; - server 127.0.0.1:8036; - server 127.0.0.1:8037; - server 127.0.0.1:8038; - server 127.0.0.1:8039; - server 127.0.0.1:8040; - server 127.0.0.1:8041; - server 127.0.0.1:8042; - server 127.0.0.1:8043; - server 127.0.0.1:8044; - } - - upstream bulkapi_backend { - server 10.0.0.10:8000; - server 10.0.0.11:8000; - server 10.0.0.12:8000; - server 10.0.0.10:8001; - server 10.0.0.11:8001; - server 10.0.0.12:8001; - server 10.0.0.10:8002; - server 10.0.0.11:8002; - server 10.0.0.12:8002; - server 10.0.0.10:8003; - server 10.0.0.11:8003; - server 10.0.0.12:8003; - } - - upstream tah_backend { - server 10.0.0.10:8004; - server 10.0.0.11:8004; - server 10.0.0.12:8004; - server 10.0.0.10:8005; - server 10.0.0.11:8005; - server 10.0.0.12:8005; - } - - server { - listen 80; - server_name .openstreetmap.org api.openstreetmap.org; - root /home/rails/public - - access_log /var/log/nginx/openstreetmap.org.access.log; - - location / { - deny 143.210.16.160; - allow all; - } - - location /trac/ { - rewrite ^/trac/(.*)$ http://trac.openstreetmap.org/$1 permanent; - } - location /wiki/ { - rewrite ^/wiki/(.*)$ http://wiki.openstreetmap.org/$1 permanent; - } - - if ($http_user_agent == "tilesAtHome" { - include /etc/nginx/fastcgi_params; - fastcgi_pass tah_backend; - break; - } - - location =~ "^/api/0\.6/(map|trackpoints|amf|amf/read|swf/trackpoints)$" { - include /etc/nginx/fastcgi_params; - fastcgi_pass bulkapi_backend; - break; - } - - location =~ "^/api/0\.6/.*/search$" { - include /etc/nginx/fastcgi_params; - fastcgi_pass bulkapi_backend; - break; - } - - location =~ "^/api/0\.6/" { - include /etc/nginx/fastcgi_params; - fastcgi_pass api_backend; - break; - } - - location =~ "^/api/0\.[0-9]+/" { - deny all; - } - - if (!-f $request_filename) { - include /etc/nginx/fastcgi_params; - fastcgi_pass web_backend; - break; - } - - location /crossdomain.xml { - default_type text/x-cross-domain-policy - } - - #error_page 404 /404.html; - # redirect server error pages to the static page /50x.html - error_page 500 502 503 504 /50x.html; - location = /50x.html { - root /var/www/nginx-default; - } - - } -} - +# Run as www-data +user www-data www-data; + +# Use two worker processes +worker_processes 2; + +# Define PID files +pid /var/run/nginx.pid; + +# Define log files +access_log /var/log/nginx/access.log; +error_log /var/log/nginx/error.log; + +events { + # max clients = worker_processes * worker_connections + worker_connections 1024; +} + +http { + # Configure MIME types + include /etc/nginx/mime.types; + default_type application/octet-stream; + + # Configure network details + sendfile on; + keepalive_timeout 65; + tcp_nodelay on; + + # Configure compression (text/html is compressed by default) + gzip on; + gzip_min_length 1100; + gzip_buffers 4 8k; + gzip_types text/plain application/x-javascript application/x-shockwave-flash text/css; + + #NO CGI SUPPORT IN NGINX fix stat .pl later + + # Define fastcgi backend for web pages + upstream web_backend { + server 127.0.0.1:8000; + server 127.0.0.1:8001; + server 127.0.0.1:8002; + server 127.0.0.1:8003; + server 127.0.0.1:8004; + server 127.0.0.1:8005; + server 127.0.0.1:8006; + server 127.0.0.1:8007; + server 127.0.0.1:8008; + server 127.0.0.1:8009; + server 127.0.0.1:8010; + server 127.0.0.1:8011; + server 127.0.0.1:8012; + server 127.0.0.1:8013; + server 127.0.0.1:8014; + server 127.0.0.1:8015; + server 127.0.0.1:8016; + server 127.0.0.1:8017; + server 127.0.0.1:8018; + server 127.0.0.1:8019; + server 127.0.0.1:8020; + server 127.0.0.1:8021; + server 127.0.0.1:8022; + server 127.0.0.1:8023; + server 127.0.0.1:8024; + server 127.0.0.1:8025; + server 127.0.0.1:8026; + server 127.0.0.1:8027; + server 127.0.0.1:8028; + server 127.0.0.1:8029; + } + + # Define fastcgi backend for api requests + upstream api_backend { + server 127.0.0.1:8030; + server 127.0.0.1:8031; + server 127.0.0.1:8032; + server 127.0.0.1:8033; + server 127.0.0.1:8034; + server 127.0.0.1:8035; + server 127.0.0.1:8036; + server 127.0.0.1:8037; + server 127.0.0.1:8038; + server 127.0.0.1:8039; + server 127.0.0.1:8040; + server 127.0.0.1:8041; + server 127.0.0.1:8042; + server 127.0.0.1:8043; + server 127.0.0.1:8044; + } + + # Define fastcgi backend for bulk api requests + upstream bulkapi_backend { + server 10.0.0.10:8000; + server 10.0.0.11:8000; + server 10.0.0.12:8000; + server 10.0.0.10:8001; + server 10.0.0.11:8001; + server 10.0.0.12:8001; + server 10.0.0.10:8002; + server 10.0.0.11:8002; + server 10.0.0.12:8002; + server 10.0.0.10:8003; + server 10.0.0.11:8003; + server 10.0.0.12:8003; + } + + # Define fastcgi backend for tiles@home requests + upstream tah_backend { + server 10.0.0.10:8004; + server 10.0.0.11:8004; + server 10.0.0.12:8004; + server 10.0.0.10:8005; + server 10.0.0.11:8005; + server 10.0.0.12:8005; + } + + server { + # Listen on port 80 + listen 80; + + # Serve rails public files + root /home/rails/public; + + # Use index.html as the index page + index index.html; + + # Include fastcgi configuration + include /etc/nginx/fastcgi_params; + + # Redirect trac requests for historical reasons + location /trac/ { + rewrite ^/trac/(.*)$ http://trac.openstreetmap.org/$1 permanent; + } + + # Redirect wiki requests for historical reasons + location /wiki/ { + rewrite ^/wiki/(.*)$ http://wiki.openstreetmap.org/$1 permanent; + } + + # Placeholder for blocking abuse + location / { + allow all; + } + + # Map api.openstreetmap/0.n/... to api.openstreetmap/api/0.n/... + if ($host ~* api\.(.*)) { + rewrite ^/(0\.[0-9]+)/(.*)$ /api/$1/$2; + } + + # Handle tiles@home requests + location /api/ { + if ($http_user_agent ~ "^tilesAtHome") { + #deny all; + fastcgi_pass tah_backend; + break; + } + } + + # Handle bulk api requests + location ~ ^/api/0\.6/(map|relation|trackpoints|amf|amf/read|swf/trackpoints|trace/[0-9]+/data)$ { + fastcgi_pass bulkapi_backend; + break; + } + + # Send search requests to the bulk api backend + location ~ ^/api/0\.6/.*/search$ { + fastcgi_pass bulkapi_backend; + break; + } + + # Send requests for full objects to the bulk api backend + location ~ ^/api/0\.6/.*/full$ { + fastcgi_pass bulkapi_backend; + break; + } + + # Handle the remaining api requests + location ~ ^/api/0\.6/ { + fastcgi_pass api_backend; + break; + } + + # Deny old and unknown API versions + location ~ ^/api/0\.[0-9]+/ { + deny all; + } + + # Handle Special Case Expiry + location ~ ^/(export|openlayers)/ { + expires 7d; + } + location ~ ^/(images|javascripts|stylesheets)/ { + expires max; + } + + # Send everything else to the web backend unless it exists + # in the rails public tree + location / { + fastcgi_index index.html; + + if (!-f $request_filename) { + fastcgi_pass web_backend; + break; + } + } + + # Set the MIME type for crossdomain.xml policy files + # or flash will ignore it + location ~ /crossdomain.xml$ { + default_type text/x-cross-domain-policy; + } + } +}