cache /accounts internal response for 1 minute

2021-05-04 14:53:42 +02:00 · 2021-05-04 14:53:42 +02:00 · 8b5a426a97
parent 89432b1955
commit 8b5a426a97
1 changed files with 11 additions and 0 deletions
--- a/docker/nginx/conf.d/client.conf
+++ b/docker/nginx/conf.d/client.conf
@ -39,6 +39,13 @@ set_real_ip_from  172.16.0.0/12;
 set_real_ip_from  192.168.0.0/16;
 real_ip_header    X-Forwarded-For;

+# skynet-jwt contains dash so we cannot use $cookie_skynet-jwt
+# https://richardhart.me/2012/03/18/logging-nginx-cookies-with-dashes/
+map $http_cookie $skynet_jwt {
+	default '';
+	~skynet-jwt=(?<match>[^\;]+) $match;
+}
+
 upstream siad {
 	server sia:9980;
 }
@ -509,6 +516,10 @@ server {
 		internal; # internal endpoint only
 		access_log off; # do not log traffic

+		proxy_cache skynet; # use general nginx cache
+		proxy_cache_key $uri+$skynet_jwt; # include skynet-jwt cookie (mapped to skynet_jwt)
+		proxy_cache_valid 200 401 1m; # cache success and unauthorized responses for 1 minute
+
 		rewrite /accounts(.*) $1 break; # drop the /accounts prefix from uri
 		proxy_pass http://accounts:3000;
 	}