cors
This commit is contained in:
parent
af1f4896f0
commit
1dbc842c55
|
@ -42,10 +42,14 @@ server {
|
||||||
client_max_body_size 128k;
|
client_max_body_size 128k;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
|
include /etc/nginx/conf.d/include/cors;
|
||||||
|
|
||||||
root /var/www/webportal;
|
root /var/www/webportal;
|
||||||
}
|
}
|
||||||
|
|
||||||
location /blacklist {
|
location /blacklist {
|
||||||
|
include /etc/nginx/conf.d/include/cors;
|
||||||
|
|
||||||
proxy_cache skynet;
|
proxy_cache skynet;
|
||||||
proxy_cache_valid any 1m; # cache blacklist for 1 minute
|
proxy_cache_valid any 1m; # cache blacklist for 1 minute
|
||||||
proxy_set_header Access-Control-Allow-Origin: *;
|
proxy_set_header Access-Control-Allow-Origin: *;
|
||||||
|
@ -54,6 +58,8 @@ server {
|
||||||
}
|
}
|
||||||
|
|
||||||
location /portals {
|
location /portals {
|
||||||
|
include /etc/nginx/conf.d/include/cors;
|
||||||
|
|
||||||
proxy_cache skynet;
|
proxy_cache skynet;
|
||||||
proxy_cache_valid any 1m; # cache portals for 1 minute
|
proxy_cache_valid any 1m; # cache portals for 1 minute
|
||||||
proxy_set_header Access-Control-Allow-Origin: *;
|
proxy_set_header Access-Control-Allow-Origin: *;
|
||||||
|
@ -62,6 +68,8 @@ server {
|
||||||
}
|
}
|
||||||
|
|
||||||
location /stats {
|
location /stats {
|
||||||
|
include /etc/nginx/conf.d/include/cors;
|
||||||
|
|
||||||
proxy_cache skynet;
|
proxy_cache skynet;
|
||||||
proxy_cache_valid any 1m; # cache stats for 1 minute
|
proxy_cache_valid any 1m; # cache stats for 1 minute
|
||||||
proxy_set_header Access-Control-Allow-Origin: *;
|
proxy_set_header Access-Control-Allow-Origin: *;
|
||||||
|
@ -70,6 +78,8 @@ server {
|
||||||
}
|
}
|
||||||
|
|
||||||
location /statsdown {
|
location /statsdown {
|
||||||
|
include /etc/nginx/conf.d/include/cors;
|
||||||
|
|
||||||
proxy_cache skynet;
|
proxy_cache skynet;
|
||||||
proxy_cache_valid any 1m; # cache stats for 1 minute
|
proxy_cache_valid any 1m; # cache stats for 1 minute
|
||||||
proxy_set_header Access-Control-Allow-Origin: *;
|
proxy_set_header Access-Control-Allow-Origin: *;
|
||||||
|
@ -78,21 +88,29 @@ server {
|
||||||
}
|
}
|
||||||
|
|
||||||
location /health-check {
|
location /health-check {
|
||||||
|
include /etc/nginx/conf.d/include/cors;
|
||||||
|
|
||||||
proxy_set_header Access-Control-Allow-Origin: *;
|
proxy_set_header Access-Control-Allow-Origin: *;
|
||||||
proxy_pass http://health-check:3100;
|
proxy_pass http://health-check:3100;
|
||||||
}
|
}
|
||||||
|
|
||||||
location /hns {
|
location /hns {
|
||||||
|
include /etc/nginx/conf.d/include/cors;
|
||||||
|
|
||||||
proxy_set_header Access-Control-Allow-Origin: *;
|
proxy_set_header Access-Control-Allow-Origin: *;
|
||||||
proxy_pass http://handshake-api:3100;
|
proxy_pass http://handshake-api:3100;
|
||||||
}
|
}
|
||||||
|
|
||||||
location /hnsres {
|
location /hnsres {
|
||||||
|
include /etc/nginx/conf.d/include/cors;
|
||||||
|
|
||||||
proxy_set_header Access-Control-Allow-Origin: *;
|
proxy_set_header Access-Control-Allow-Origin: *;
|
||||||
proxy_pass http://handshake-api:3100;
|
proxy_pass http://handshake-api:3100;
|
||||||
}
|
}
|
||||||
|
|
||||||
location /skynet/skyfile {
|
location /skynet/skyfile {
|
||||||
|
include /etc/nginx/conf.d/include/cors;
|
||||||
|
|
||||||
limit_conn uploads_by_ip 10; # ddos protection: max 10 uploads at a time
|
limit_conn uploads_by_ip 10; # ddos protection: max 10 uploads at a time
|
||||||
client_max_body_size 1000M; # make sure to limit the size of upload to a sane value
|
client_max_body_size 1000M; # make sure to limit the size of upload to a sane value
|
||||||
proxy_read_timeout 600;
|
proxy_read_timeout 600;
|
||||||
|
@ -135,6 +153,8 @@ server {
|
||||||
}
|
}
|
||||||
|
|
||||||
location ~ "/skynet/skyfile/(.+)" {
|
location ~ "/skynet/skyfile/(.+)" {
|
||||||
|
include /etc/nginx/conf.d/include/cors;
|
||||||
|
|
||||||
limit_conn uploads_by_ip 10; # ddos protection: max 10 uploads at a time
|
limit_conn uploads_by_ip 10; # ddos protection: max 10 uploads at a time
|
||||||
client_max_body_size 1000M; # make sure to limit the size of upload to a sane value
|
client_max_body_size 1000M; # make sure to limit the size of upload to a sane value
|
||||||
proxy_read_timeout 600;
|
proxy_read_timeout 600;
|
||||||
|
@ -152,6 +172,8 @@ server {
|
||||||
}
|
}
|
||||||
|
|
||||||
location ~ "^/([a-zA-Z0-9-_]{46}(/.*)?)$" {
|
location ~ "^/([a-zA-Z0-9-_]{46}(/.*)?)$" {
|
||||||
|
include /etc/nginx/conf.d/include/cors;
|
||||||
|
|
||||||
limit_conn downloads_by_ip 100; # ddos protection: max 100 downloads at a time
|
limit_conn downloads_by_ip 100; # ddos protection: max 100 downloads at a time
|
||||||
|
|
||||||
# we need to explicitly use set directive here because $1 will contain the skylink with
|
# we need to explicitly use set directive here because $1 will contain the skylink with
|
||||||
|
@ -176,6 +198,8 @@ server {
|
||||||
}
|
}
|
||||||
|
|
||||||
location ~ "^/file/([a-zA-Z0-9-_]{46}(/.*)?)$" {
|
location ~ "^/file/([a-zA-Z0-9-_]{46}(/.*)?)$" {
|
||||||
|
include /etc/nginx/conf.d/include/cors;
|
||||||
|
|
||||||
limit_conn downloads_by_ip 100; # ddos protection: max 100 downloads at a time
|
limit_conn downloads_by_ip 100; # ddos protection: max 100 downloads at a time
|
||||||
|
|
||||||
# we need to explicitly use set directive here because $1 will contain the skylink with
|
# we need to explicitly use set directive here because $1 will contain the skylink with
|
||||||
|
|
|
@ -0,0 +1,27 @@
|
||||||
|
if ($request_method = 'OPTIONS') {
|
||||||
|
add_header 'Access-Control-Allow-Origin' '*';
|
||||||
|
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
|
||||||
|
#
|
||||||
|
# Custom headers and headers various browsers *should* be OK with but aren't
|
||||||
|
#
|
||||||
|
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
|
||||||
|
#
|
||||||
|
# Tell client that this pre-flight info is valid for 20 days
|
||||||
|
#
|
||||||
|
add_header 'Access-Control-Max-Age' 1728000;
|
||||||
|
add_header 'Content-Type' 'text/plain; charset=utf-8';
|
||||||
|
add_header 'Content-Length' 0;
|
||||||
|
return 204;
|
||||||
|
}
|
||||||
|
if ($request_method = 'POST') {
|
||||||
|
add_header 'Access-Control-Allow-Origin' '*';
|
||||||
|
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
|
||||||
|
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
|
||||||
|
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
|
||||||
|
}
|
||||||
|
if ($request_method = 'GET') {
|
||||||
|
add_header 'Access-Control-Allow-Origin' '*';
|
||||||
|
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
|
||||||
|
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
|
||||||
|
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
|
||||||
|
}
|
|
@ -24,7 +24,7 @@ docker-compose --version # sanity check
|
||||||
# CLOUDFLARE_AUTH_TOKEN - cloudflare auth token for ssl generation (just for siasky.net)
|
# CLOUDFLARE_AUTH_TOKEN - cloudflare auth token for ssl generation (just for siasky.net)
|
||||||
if ! [ -f /home/user/skynet-webportal/.env ]; then
|
if ! [ -f /home/user/skynet-webportal/.env ]; then
|
||||||
HSD_API_KEY=$(openssl rand -base64 32) # generate safe random key for handshake
|
HSD_API_KEY=$(openssl rand -base64 32) # generate safe random key for handshake
|
||||||
printf "DOMAIN_NAME=example.com\nEMAIL_ADDRESS=email@example.com\nSIA_API_AUTHORIZATION=\nCLOUDFLARE_AUTH_TOKEN=\nHSD_API_KEY=${HSD_API_KEY}\n" > /home/user/skynet-webportal/.env
|
printf "DOMAIN_NAME=example.com\nEMAIL_ADDRESS=email@example.com\nSIA_API_AUTHORIZATION=\nCLOUDFLARE_AUTH_TOKEN=\nHSD_API_KEY=${HSD_API_KEY}\nAWS_ACCESS_KEY_ID=\nAWS_SECRET_ACCESS_KEY=\n" > /home/user/skynet-webportal/.env
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Start docker container with nginx and client
|
# Start docker container with nginx and client
|
||||||
|
|
Reference in New Issue