X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/10079fbba9eb376a1f0aeaf24ff4484bde0a726d..f70feedc6517b824c4201584d6298fd5790d85ba:/config/nginx.conf diff --git a/config/nginx.conf b/config/nginx.conf index a78e1dc70..ae349b746 100644 --- a/config/nginx.conf +++ b/config/nginx.conf @@ -64,6 +64,10 @@ http { server 127.0.0.1:8023; server 127.0.0.1:8024; server 127.0.0.1:8025; + } + + # Define fastcgi backend for geocoder searches + upstream geocoder_backend { server 127.0.0.1:8026; server 127.0.0.1:8027; server 127.0.0.1:8028; @@ -103,13 +107,13 @@ http { server 10.0.0.10:8003; server 10.0.0.11:8003; server 10.0.0.12:8003; + server 10.0.0.10:8004; + server 10.0.0.11:8004; + server 10.0.0.12:8004; } # Define fastcgi backend for tiles@home requests upstream tah_backend { - server 10.0.0.10:8004; - server 10.0.0.11:8004; - server 10.0.0.12:8004; server 10.0.0.10:8005; server 10.0.0.11:8005; server 10.0.0.12:8005; @@ -136,8 +140,19 @@ http { } # Placeholder for blocking abuse + include /etc/nginx/blocked_hosts; allow all; - + + # Block some bulk download agents + if ($http_user_agent ~* LWP::Simple|downloadosm|BBBike) { + return 403; + } + + # Block some robots + if ($http_user_agent ~* msnbot|twiceler) { + return 403; + } + # Map api.openstreetmap/0.n/... to api.openstreetmap/api/0.n/... if ($host ~* ^api\.) { rewrite ^/(0\.[0-9]+)/(.*)$ /api/$1/$2; @@ -146,7 +161,22 @@ http { # Strip asset tags location ~ ^/(images|javascripts|openlayers|stylesheets|user/image)/ { + # Strip asset tags rewrite ^/(.*)/[0-9]+$ /$1; + + # Set expiry to the maximum - the asset tag will change + # when there is a new version + expires max; + + # Only cache OpenLayers for seven days though + if ($uri ~ ^/openlayers/) { + expires 7d; + } + } + + # Cache the embedded map page for seven days + location ~ ^/export/embed.html$ { + expires 7d; } # Include fastcgi configuration @@ -194,15 +224,16 @@ http { return 404; } - # Handle Special Case Expiry - location ~ ^/openlayers/ { - expires 7d; - } - location ~ ^/export/embed.html$ { - expires 7d; + # Send unversioned capabilities requests to the api backend + location = /api/capabilities { + fastcgi_pass api_backend; + break; } - location ~ ^/(images|javascripts|stylesheets)/ { - expires max; + + # Send geocoder searches to the geocoder backend + location /geocoder/ { + fastcgi_pass geocoder_backend; + break; } # Send everything else to the web backend unless it exists @@ -216,11 +247,6 @@ http { } } - location = /api/capabilities { - fastcgi_pass web_backend; - break; - } - # Set the MIME type for crossdomain.xml policy files # or flash will ignore it location ~ /crossdomain\.xml$ { @@ -228,5 +254,13 @@ http { text/x-cross-domain-policy xml; } } + + # Give munin access to some statistics + location /server-status { + stub_status on; + access_log off; + allow 127.0.0.1; + deny all; + } } }