LumeWeb
/
skynet-webportal
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Wildcard Subdomains (#329) 

* Add server rule and loation block to handle the base32 encoded skylink through the wildcard subdomain

* Instead of redirecting, proxy pass

* Add trailing slash

* Fix regex to handle server names

* Update docker/nginx/conf.d/client.conf

Co-authored-by: Karol Wypchło <kwypchlo@gmail.com>

* Implement PR remarks

* Implement PR remarks

Co-authored-by: Karol Wypchło <kwypchlo@gmail.com>
This commit is contained in:
Peter-Jan Brone 2020-09-10 17:14:43 +02:00 committed by GitHub
parent c2138f1d15
commit 96aff33135
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 29 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
docker/nginx/conf.d/client.conf
View File

@ -21,6 +21,10 @@ server {
listen 80 default_server; listen 80 default_server;
listen [::]:80 default_server; listen [::]:80 default_server;
# parse subdomain (a base32 encoded Skylink) into custom variable
server_name ~^([a-z0-9]{55}).*?;
set $subdomain $1;
# ddos protection: closing slow connections # ddos protection: closing slow connections
client_body_timeout 5s; client_body_timeout 5s;
client_header_timeout 5s; client_header_timeout 5s;
@ -31,6 +35,17 @@ server {
client_max_body_size 128k; client_max_body_size 128k;
location / { location / {
# The only safe thing to do inside an if in a location block is return
# or rewrite, since we need to proxy_pass we have to work our way around
# using a custom error code.
#
# See https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/
error_page 418 = @subdomain;
recursive_error_pages on;
if ($subdomain != "") {
return 418;
}
include /etc/nginx/conf.d/include/cors; include /etc/nginx/conf.d/include/cors;
root /var/www/webportal; root /var/www/webportal;
@ -170,6 +185,20 @@ server {
proxy_pass http://siad/skynet/skylink/$skylink$is_args$args; proxy_pass http://siad/skynet/skylink/$skylink$is_args$args;
} }
location @subdomain {
include /etc/nginx/conf.d/include/cors;
include /etc/nginx/conf.d/include/proxy-buffer;
include /etc/nginx/conf.d/include/proxy-cache-downloads;
limit_conn downloads_by_ip 100; # ddos protection: max 100 downloads at a time
add_header Cache-Control "public, max-age=86400"; # allow consumer to cache response
proxy_read_timeout 600;
proxy_set_header User-Agent: Sia-Agent;
# proxy this call to siad /skynet/skylink/ endpoint (make sure the ip is correct)
proxy_pass http://siad/skynet/skylink/$subdomain/$request_uri;
}
location ~ "^/file/([a-zA-Z0-9-_]{46}(/.*)?)$" { location ~ "^/file/([a-zA-Z0-9-_]{46}(/.*)?)$" {
include /etc/nginx/conf.d/include/cors; include /etc/nginx/conf.d/include/cors;
include /etc/nginx/conf.d/include/proxy-buffer; include /etc/nginx/conf.d/include/proxy-buffer;