Enable rtnf on dev

[chef.git] / cookbooks / nominatim / templates / default / nginx.erb

diff --git a/cookbooks/nominatim/templates/default/nginx.erb b/cookbooks/nominatim/templates/default/nginx.erb
index a18a0666465fe1217cce52a40bd9ff4ffe32552b..5e74bef73cd975cc114c25cbc3fe95bacc1e62ac 100644 (file)
--- a/cookbooks/nominatim/templates/default/nginx.erb
+++ b/cookbooks/nominatim/templates/default/nginx.erb
@@ -7,9 +7,9 @@ upstream nominatim_service {
 }
 
 map $uri $nominatim_script_name {
 }
 
 map $uri $nominatim_script_name {

-    ~^(.+?\.php)         $1;
-    ~^/([^/]+)           $1.php;
-    ^$                   search.php;
+    ~^/*(.+?)\.php        $1;
+    ~^/*([^/]+)           $1;
+    ^$                   search;

 }
 
 map $uri $nominatim_path_info {
 }
 
 map $uri $nominatim_path_info {


@@ -182,13 +182,23 @@ server {
         add_header Access-Control-Allow-Origin "*" always;
     }
 
         add_header Access-Control-Allow-Origin "*" always;
     }
 

+    location ~* ^/(search|reverse)(\.php)?/ {
+        error_page 404 /404-old-search-syntax.html;
+        return 404;
+    }
+

     location @php {
     location @php {

+        if ($forward_to_ui) {
+            rewrite ^(/[^/]*) https://$host/ui$1.html redirect;
+        }

         if ($blocked_user_agent ~ ^2$)
         { return 403; }
         if ($blocked_referrer)
         { return 403; }
         if ($blocked_email)
         { return 403; }
         if ($blocked_user_agent ~ ^2$)
         { return 403; }
         if ($blocked_referrer)
         { return 403; }
         if ($blocked_email)
         { return 403; }

+        if ($args ~* "q=[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+[ &]")
+        { return 418; }

         include <%= @confdir %>/nginx_blocked_generic.conf;
 
         limit_req zone=www burst=10;
         include <%= @confdir %>/nginx_blocked_generic.conf;
 
         limit_req zone=www burst=10;


@@ -204,10 +214,11 @@ server {
 <% elsif node[:nominatim][:api_flavour] == "python" %>
 
         if ($request_method = 'OPTIONS') {
 <% elsif node[:nominatim][:api_flavour] == "python" %>
 
         if ($request_method = 'OPTIONS') {

-          add_header 'Content-Type' 'text/plain charset=UTF-8';
+          add_header 'Content-Type' 'text/plain; charset=UTF-8';

           add_header 'Content-Length' 0;
           add_header 'Content-Length' 0;

-          add_header Access-Control-Allow-Origin "*" always;
-          add_header Access-Control-Allow-Methods 'GET,OPTIONS' always;
+          add_header Access-Control-Allow-Origin "*";
+          add_header Access-Control-Allow-Methods 'GET,OPTIONS';
+          add_header Access-Control-Allow-Headers $http_access_control_request_headers;

           return 204;
         }
 
           return 204;
         }
 


@@ -217,9 +228,6 @@ server {
         proxy_redirect off;
         proxy_pass http://nominatim_service;
 <% end -%>
         proxy_redirect off;
         proxy_pass http://nominatim_service;
 <% end -%>

-        if ($forward_to_ui) {
-            rewrite ^(/[^/]*) https://$host/ui$1.html redirect;
-        }

     }
 
 <% if node[:nominatim][:api_flavour] == "php" %>
     }
 
 <% if node[:nominatim][:api_flavour] == "php" %>