From 45ce3de7c2f564ba7039195b622ec698ef884b1a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karol=20Wypch=C5=82o?= Date: Mon, 31 May 2021 20:27:56 +0200 Subject: [PATCH] disable caching v2 skylinks (#827) * disable caching v2 skylinks * amend comment * fix boolean switch --- docker/nginx/conf.d/client.conf | 15 ++++++++++++--- docker/nginx/conf.d/include/proxy-cache-downloads | 5 +++-- 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/docker/nginx/conf.d/client.conf b/docker/nginx/conf.d/client.conf index f5373143..632a0c13 100644 --- a/docker/nginx/conf.d/client.conf +++ b/docker/nginx/conf.d/client.conf @@ -422,11 +422,20 @@ server { limit_conn downloads_by_ip 100; # ddos protection: max 100 downloads at a time - # we need to explicitly use set directive here because $1 will contain the skylink with + # we need to explicitly use set directive here because $2 and $3 will contain values with # decoded whitespaces and set will re-encode it for us before passing it to proxy_pass - set $skylink $1; + set $skylink $2; + set $path $3; access_by_lua_block { + -- disable cache if this is skylink v2 + local isBase32v2 = string.len(ngx.var.skylink) == 55 and string.sub(ngx.var.skylink, 0, 2) == "04" + local isBase64v2 = string.len(ngx.var.skylink) == 46 and string.sub(ngx.var.skylink, 0, 2) == "AQ" + + if isBase32v2 or isBase64v2 then + ngx.var.nocache = 1 # nginx expects 0/1 for boolean + end + -- this block runs only when accounts are enabled if os.getenv("ACCOUNTS_ENABLED", "0") == "0" then return end @@ -461,7 +470,7 @@ server { proxy_read_timeout 600; proxy_set_header User-Agent: Sia-Agent; # proxy this call to siad /skynet/skylink/ endpoint (make sure the ip is correct) - proxy_pass http://siad/skynet/skylink/$skylink$is_args$args; + proxy_pass http://siad/skynet/skylink/$skylink$path$is_args$args; } location @base32_subdomain { diff --git a/docker/nginx/conf.d/include/proxy-cache-downloads b/docker/nginx/conf.d/include/proxy-cache-downloads index b1eb83f3..a0dfa54f 100644 --- a/docker/nginx/conf.d/include/proxy-cache-downloads +++ b/docker/nginx/conf.d/include/proxy-cache-downloads @@ -1,4 +1,5 @@ -proxy_cache skynet; +set $nocache 0; # internal variable for bypassing the cache, nginx expects 0/1 for boolean +proxy_cache skynet; # cache name slice 1m; proxy_http_version 1.1; # upgrade if necessary because 1.0 does not support byte-range requests proxy_set_header Range $slice_range; # pass slice range to proxy @@ -6,5 +7,5 @@ proxy_cache_key $uri$arg_format$arg_attachment$slice_range; # use just the uri p proxy_cache_min_uses 3; # cache responses after 3 requests of the same file proxy_cache_valid 200 206 24h; # cache 200 and 206 responses for 24 hours proxy_cache_lock on; # queue cache requests for the same resource until it is fully cached -proxy_cache_bypass $cookie_nocache $arg_nocache; # add cache bypass option +proxy_cache_bypass $nocache $cookie_nocache $arg_nocache; # add cache bypass option add_header X-Proxy-Cache $upstream_cache_status; # add response header to indicate cache hits and misses