+++ /dev/null
-#
-# Load the modules that we need
-#
-server.modules = (
- "mod_access",
- "mod_accesslog",
- "mod_cgi",
- "mod_compress",
- "mod_evasive",
- "mod_expire",
- "mod_fastcgi",
- "mod_redirect",
- "mod_status"
-)
-
-#
-# Basic server configuration
-#
-server.username = "www-data"
-server.groupname = "www-data"
-server.pid-file = "/var/run/lighttpd.pid"
-server.max-fds = 8192
-server.reject-expect-100-with-417 = "disable"
-
-#
-# Setup logging
-#
-accesslog.filename = "/var/log/lighttpd/access.log"
-accesslog.format = "%h %V %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%{Accept-Language}i\""
-server.errorlog = "/var/log/lighttpd/error.log"
-
-#
-# Allow munin to monitor the server's status
-#
-$HTTP["remoteip"] == "128.40.168.98" {
- status.config-url = "/server-config"
- status.status-url = "/server-status"
- status.statistics-url = "/server-statistics"
-}
-
-#
-# Pull in host blocks
-#
-include_shell "lighttpd-host-blocks.sh"
-
-#
-# Block some troublesome robots
-#
-#$HTTP["useragent"] =~ "msnbot" { url.access-deny = ("") }
-$HTTP["useragent"] =~ "Twiceler" { url.access-deny = ("") }
-$HTTP["useragent"] =~ "Baiduspider" { url.access-deny = ("") }
-$HTTP["useragent"] =~ "Sosospider+" { url.access-deny = ("") }
-#$HTTP["useragent"] =~ "Yahoo! Slurp" { url.access-deny = ("") }
-$HTTP["useragent"] =~ "Yeti" { url.access-deny = ("") }
-#$HTTP["useragent"] =~ "Googlebot" { url.access-deny = ("") }
-$HTTP["useragent"] =~ "The Hare and the Hedgeho" { url.access-deny = ("") }
-
-#
-# Block tilesAtHome
-#
-$HTTP["useragent"] =~ "tilesAtHome" { url.access-deny = ("") }
-
-#
-# Block JOSM revisions 1722-1727 as they have a serious bug that causes
-# lat/lon to be swapped (http://josm.openstreetmap.de/ticket/2804)
-#
-$HTTP["useragent"] =~ "^JOSM/[0-9]+\.[0-9]+ \(172[234567] " {
- url.access-deny = ("")
-}
-
-#
-# Setup MIME type mapping
-#
-mimetype.assign = (
- ".css" => "text/css",
- ".gif" => "image/gif",
- ".html" => "text/html; charset=utf-8",
- ".jpg" => "image/jpeg",
- ".js" => "application/x-javascript",
- ".png" => "image/png",
- ".swf" => "application/x-shockwave-flash",
- ".txt" => "text/plain",
- ".xml" => "text/xml"
-)
-
-#
-# Force special MIME type for crossdomain.xml files
-#
-$HTTP["url"] =~ "/crossdomain\.xml$" {
- mimetype.assign = ( ".xml" => "text/x-cross-domain-policy" )
-}
-
-#
-# Enable compression of appropriate static content
-#
-compress.filetype = (
- "application/x-javascript",
- "application/x-shockwave-flash",
- "text/css",
- "text/html",
- "text/plain"
-)
-
-#
-# Set expiry for static content
-#
-expire.url = (
- "/export/embed.html" => "access 7 days",
- "/images/" => "access 10 years",
- "/javascripts/" => "access 10 years",
- "/openlayers/" => "access 7 days",
- "/stylesheets/" => "access 10 years"
-)
-
-#
-# Cache compressed content
-#
-compress.cache-dir = "/var/cache/lighttpd"
-
-#
-# Redirect trac and wiki requests to the right places
-#
-url.redirect = (
- "^/trac/(.*)$" => "http://trac.openstreetmap.org/$1",
- "^/wiki/(.*)$" => "http://wiki.openstreetmap.org/$1"
-)
-
-#
-# Redirect everything except www.openstreetmap.org and
-# api.openstreetmap.org to www.openstreetmap.org
-#
-$HTTP["host"] =~ "^api\." {
- $HTTP["host"] != "api.openstreetmap.org" {
- url.redirect = ( "^(.*)$" => "http://api.openstreetmap.org$1" )
- }
-}
-else $HTTP["host"] != "www.openstreetmap.org" {
- url.redirect = ( "^(.*)$" => "http://www.openstreetmap.org$1" )
-}
-
-#
-# Run anything with a .pl iextension as a CGI script
-#
-cgi.assign = ( ".pl" => "/usr/bin/perl" )
-
-#
-# Serve static content from the rails public area ourselves
-#
-server.document-root = "/home/rails/public"
-
-#
-# Send everything else to the appropriate FastCGI server
-#
-$HTTP["url"] =~ "^/trace/[0-9]+/data$" {
- server.error-handler-404 = "/dispatch.bulkapi"
-}
-else $HTTP["url"] =~ "^/api/0\.6/map$" {
- server.error-handler-404 = "/dispatch.map"
-}
-else $HTTP["url"] =~ "^/api/0\.6/(trackpoints|amf|amf/read|swf/trackpoints|changeset/[0-9]+/(upload|download))$" {
- server.error-handler-404 = "/dispatch.bulkapi"
-}
-else $HTTP["url"] =~ "^/api/0\.6/.*/(full|history|search|ways)$" {
- server.error-handler-404 = "/dispatch.bulkapi"
-}
-else $HTTP["url"] =~ "^/api/0\.6/" {
- server.error-handler-404 = "/dispatch.api"
-}
-else $HTTP["url"] =~ "^/api/0\.[0-9]+/" {
- url.access-deny = ("")
-}
-else $HTTP["url"] =~ "^/geocoder/(search|description)_geonames$" {
- server.error-handler-404 = "/dispatch.geonames"
-}
-else $HTTP["url"] =~ "^/" {
- server.error-handler-404 = "/dispatch.web"
-}
-
-#
-# Configure the FastCGI servers
-#
-fastcgi.server = (
- ".web" => (
- ( "host" => "127.0.0.1", "port" => 8000, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8001, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8002, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8003, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8004, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8005, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8006, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8007, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8008, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8009, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8010, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8011, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8012, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8013, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8014, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8015, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8016, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8017, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8018, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8019, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8020, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8021, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8022, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8023, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8024, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8025, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8026, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8027, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8028, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8029, "check-local" => "disable" )
- ),
- ".geonames" => (
- ( "host" => "127.0.0.1", "port" => 8030, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8031, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8032, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8033, "check-local" => "disable" )
- ),
- ".api" => (
- ( "host" => "127.0.0.1", "port" => 8034, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8035, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8036, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8037, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8038, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8039, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8040, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8041, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8042, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8043, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8044, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8045, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8046, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8047, "check-local" => "disable" ),
- ( "host" => "127.0.0.1", "port" => 8048, "check-local" => "disable" )
- ),
- ".bulkapi" => (
- ( "host" => "10.0.0.10", "port" => 8000, "check-local" => "disable" ),
- ( "host" => "10.0.0.11", "port" => 8000, "check-local" => "disable" ),
- ( "host" => "10.0.0.12", "port" => 8000, "check-local" => "disable" ),
- ( "host" => "10.0.0.10", "port" => 8001, "check-local" => "disable" ),
- ( "host" => "10.0.0.11", "port" => 8001, "check-local" => "disable" ),
- ( "host" => "10.0.0.12", "port" => 8001, "check-local" => "disable" ),
- ( "host" => "10.0.0.10", "port" => 8002, "check-local" => "disable" ),
- ( "host" => "10.0.0.11", "port" => 8002, "check-local" => "disable" ),
- ( "host" => "10.0.0.12", "port" => 8002, "check-local" => "disable" ),
- ( "host" => "10.0.0.10", "port" => 8003, "check-local" => "disable" ),
- ( "host" => "10.0.0.11", "port" => 8003, "check-local" => "disable" ),
- ( "host" => "10.0.0.12", "port" => 8003, "check-local" => "disable" ),
- ( "host" => "10.0.0.10", "port" => 8004, "check-local" => "disable" ),
- ( "host" => "10.0.0.11", "port" => 8004, "check-local" => "disable" ),
- ( "host" => "10.0.0.12", "port" => 8004, "check-local" => "disable" ),
- ( "host" => "10.0.0.10", "port" => 8005, "check-local" => "disable" ),
- ( "host" => "10.0.0.11", "port" => 8005, "check-local" => "disable" ),
- ( "host" => "10.0.0.12", "port" => 8005, "check-local" => "disable" ),
- ( "host" => "10.0.0.10", "port" => 8006, "check-local" => "disable" ),
- ( "host" => "10.0.0.11", "port" => 8006, "check-local" => "disable" ),
- ( "host" => "10.0.0.12", "port" => 8006, "check-local" => "disable" ),
- ( "host" => "10.0.0.10", "port" => 8007, "check-local" => "disable" ),
- ( "host" => "10.0.0.11", "port" => 8007, "check-local" => "disable" ),
- ( "host" => "10.0.0.12", "port" => 8007, "check-local" => "disable" ),
- ( "host" => "10.0.0.10", "port" => 8008, "check-local" => "disable" ),
- ( "host" => "10.0.0.11", "port" => 8008, "check-local" => "disable" ),
- ( "host" => "10.0.0.12", "port" => 8008, "check-local" => "disable" ),
- ( "host" => "10.0.0.10", "port" => 8009, "check-local" => "disable" ),
- ( "host" => "10.0.0.11", "port" => 8009, "check-local" => "disable" ),
- ( "host" => "10.0.0.12", "port" => 8009, "check-local" => "disable" ),
- ( "host" => "10.0.0.10", "port" => 8010, "check-local" => "disable" ),
- ( "host" => "10.0.0.11", "port" => 8010, "check-local" => "disable" ),
- ( "host" => "10.0.0.12", "port" => 8010, "check-local" => "disable" ),
- ( "host" => "10.0.0.10", "port" => 8011, "check-local" => "disable" ),
- ( "host" => "10.0.0.11", "port" => 8011, "check-local" => "disable" ),
- ( "host" => "10.0.0.12", "port" => 8011, "check-local" => "disable" )
- ),
- ".map" => (
- ( "host" => "10.0.0.10", "port" => 9000, "check-local" => "disable" ),
- ( "host" => "10.0.0.11", "port" => 9000, "check-local" => "disable" ),
- ( "host" => "10.0.0.12", "port" => 9000, "check-local" => "disable" )
- )
-)
+++ /dev/null
-# Run as www-data
-user www-data www-data;
-
-# Use two worker processes
-worker_processes 2;
-
-# Define PID files
-pid /var/run/nginx.pid;
-
-# Define error log
-error_log /var/log/nginx/error.log;
-
-events {
- # max clients = worker_processes * worker_connections
- worker_connections 1024;
-}
-
-http {
- # Configure MIME types
- include /etc/nginx/mime.types;
- default_type application/octet-stream;
-
- # Configure network details
- sendfile on;
- keepalive_timeout 65;
- tcp_nodelay on;
-
- # Define access log
- access_log /var/log/nginx/access.log;
-
- # Configure compression (text/html is compressed by default)
- gzip on;
- gzip_min_length 1100;
- gzip_buffers 4 8k;
- gzip_types text/plain application/x-javascript application/x-shockwave-flash text/css;
-
- #NO CGI SUPPORT IN NGINX fix stat .pl later
-
- # Define fastcgi backend for web pages
- upstream web_backend {
- server 127.0.0.1:8000;
- server 127.0.0.1:8001;
- server 127.0.0.1:8002;
- server 127.0.0.1:8003;
- server 127.0.0.1:8004;
- server 127.0.0.1:8005;
- server 127.0.0.1:8006;
- server 127.0.0.1:8007;
- server 127.0.0.1:8008;
- server 127.0.0.1:8009;
- server 127.0.0.1:8010;
- server 127.0.0.1:8011;
- server 127.0.0.1:8012;
- server 127.0.0.1:8013;
- server 127.0.0.1:8014;
- server 127.0.0.1:8015;
- server 127.0.0.1:8016;
- server 127.0.0.1:8017;
- server 127.0.0.1:8018;
- server 127.0.0.1:8019;
- server 127.0.0.1:8020;
- server 127.0.0.1:8021;
- server 127.0.0.1:8022;
- server 127.0.0.1:8023;
- server 127.0.0.1:8024;
- server 127.0.0.1:8025;
- }
-
- # Define fastcgi backend for geocoder searches
- upstream geocoder_backend {
- server 127.0.0.1:8026;
- server 127.0.0.1:8027;
- server 127.0.0.1:8028;
- server 127.0.0.1:8029;
- }
-
- # Define fastcgi backend for api requests
- upstream api_backend {
- server 127.0.0.1:8030;
- server 127.0.0.1:8031;
- server 127.0.0.1:8032;
- server 127.0.0.1:8033;
- server 127.0.0.1:8034;
- server 127.0.0.1:8035;
- server 127.0.0.1:8036;
- server 127.0.0.1:8037;
- server 127.0.0.1:8038;
- server 127.0.0.1:8039;
- server 127.0.0.1:8040;
- server 127.0.0.1:8041;
- server 127.0.0.1:8042;
- server 127.0.0.1:8043;
- server 127.0.0.1:8044;
- }
-
- # Define fastcgi backend for bulk api requests
- upstream bulkapi_backend {
- server 10.0.0.10:8000;
- server 10.0.0.11:8000;
- server 10.0.0.12:8000;
- server 10.0.0.10:8001;
- server 10.0.0.11:8001;
- server 10.0.0.12:8001;
- server 10.0.0.10:8002;
- server 10.0.0.11:8002;
- server 10.0.0.12:8002;
- server 10.0.0.10:8003;
- server 10.0.0.11:8003;
- server 10.0.0.12:8003;
- server 10.0.0.10:8004;
- server 10.0.0.11:8004;
- server 10.0.0.12:8004;
- }
-
- # Define fastcgi backend for tiles@home requests
- upstream tah_backend {
- server 10.0.0.10:8005;
- server 10.0.0.11:8005;
- server 10.0.0.12:8005;
- }
-
- server {
- # Listen on port 80
- listen 80;
-
- # Serve rails public files
- root /home/rails/public;
-
- # Use index.html as the index page
- index index.html;
-
- # Redirect trac requests for historical reasons
- location /trac/ {
- rewrite ^/trac/(.*)$ http://trac.openstreetmap.org/$1 permanent;
- }
-
- # Redirect wiki requests for historical reasons
- location /wiki/ {
- rewrite ^/wiki/(.*)$ http://wiki.openstreetmap.org/$1 permanent;
- }
-
- # Placeholder for blocking abuse
- include /etc/nginx/blocked_hosts;
- allow all;
-
- # Block some bulk download agents
- if ($http_user_agent ~* LWP::Simple|downloadosm|BBBike) {
- return 403;
- }
-
- # Block some robots
- if ($http_user_agent ~* msnbot|twiceler) {
- return 403;
- }
-
- # Map api.openstreetmap/0.n/... to api.openstreetmap/api/0.n/...
- if ($host ~* ^api\.) {
- rewrite ^/(0\.[0-9]+)/(.*)$ /api/$1/$2;
- rewrite ^/capabilities$ /api/capabilities;
- }
-
- # Strip asset tags
- location ~ ^/(images|javascripts|openlayers|stylesheets|user/image)/ {
- # Strip asset tags
- rewrite ^/(.*)/[0-9]+$ /$1;
-
- # Set expiry to the maximum - the asset tag will change
- # when there is a new version
- expires max;
-
- # Only cache OpenLayers for seven days though
- if ($uri ~ ^/openlayers/) {
- expires 7d;
- }
- }
-
- # Cache the embedded map page for seven days
- location ~ ^/export/embed.html$ {
- expires 7d;
- }
-
- # Include fastcgi configuration
- include /etc/nginx/fastcgi_params;
- fastcgi_param REQUEST_URI $uri;
-
- # Handle tiles@home requests
- location /api/ {
- if ($http_user_agent ~ "^tilesAtHome") {
- #deny all;
- fastcgi_pass tah_backend;
- break;
- }
- }
-
- # Handle bulk api requests
- location ~ ^/api/0\.6/(map|relation|trackpoints|amf|amf/read|swf/trackpoints|trace/[0-9]+/data)$ {
- fastcgi_read_timeout 300;
- fastcgi_pass bulkapi_backend;
- break;
- }
-
- # Send search requests to the bulk api backend
- location ~ ^/api/0\.6/.*/search$ {
- fastcgi_read_timeout 300;
- fastcgi_pass bulkapi_backend;
- break;
- }
-
- # Send requests for full objects to the bulk api backend
- location ~ ^/api/0\.6/.*/full$ {
- fastcgi_read_timeout 300;
- fastcgi_pass bulkapi_backend;
- break;
- }
-
- # Handle the remaining api requests
- location ~ ^/api/0\.6/ {
- fastcgi_pass api_backend;
- break;
- }
-
- # Deny old and unknown API versions
- location ~ ^/api/0\.[0-9]+/ {
- return 404;
- }
-
- # Send unversioned capabilities requests to the api backend
- location = /api/capabilities {
- fastcgi_pass api_backend;
- break;
- }
-
- # Send geocoder searches to the geocoder backend
- location /geocoder/ {
- fastcgi_pass geocoder_backend;
- break;
- }
-
- # Send everything else to the web backend unless it exists
- # in the rails public tree
- location / {
- fastcgi_index index.html;
-
- if (!-f $request_filename) {
- fastcgi_pass web_backend;
- break;
- }
- }
-
- # Set the MIME type for crossdomain.xml policy files
- # or flash will ignore it
- location ~ /crossdomain\.xml$ {
- types {
- text/x-cross-domain-policy xml;
- }
- }
-
- # Give munin access to some statistics
- location /server-status {
- stub_status on;
- access_log off;
- allow 127.0.0.1;
- deny all;
- }
- }
-}
projects / rails.git / commitdiff