# keep in sync with clsi-startup.sh files # keep in sync with server-ce/nginx/clsi-nginx.conf # Changes to the above: # - added debug header server { # Extra header for dev-env. add_header 'X-Served-By' 'clsi-nginx' always; listen 8080; server_name clsi-proxy; server_tokens off; access_log off; # Ignore symlinks possibly created by users disable_symlinks on; # enable compression for tex auxiliary files, but not for pdf files gzip on; gzip_types text/plain; gzip_proxied any; types { text/plain log blg aux stdout stderr; application/pdf pdf; } # user content domain access check # The project-id is zero prefixed. No actual user project uses these ids. # mongo-id 000000000000000000000000 -> 1970-01-01T00:00:00.000Z # mongo-id 000000010000000000000000 -> 1970-01-01T00:00:01.000Z # mongo-id 100000000000000000000000 -> 1978-07-04T21:24:16.000Z # This allows us to distinguish between check-traffic and regular output traffic. location ~ ^/project/0([0-9a-f]+)/user/([0-9a-f]+)/build/([0-9a-f-]+)/output/output\.pdf$ { if ($request_method = 'OPTIONS') { # handle OPTIONS method for CORS requests add_header 'Content-Type' 'text/plain charset=UTF-8'; add_header 'Allow' 'GET,HEAD'; return 200 'GET,HEAD'; } alias /var/clsi/tiny.pdf; } location ~ ^/project/0([0-9a-f]+)/build/([0-9a-f-]+)/output/output\.pdf$ { if ($request_method = 'OPTIONS') { # handle OPTIONS method for CORS requests add_header 'Content-Type' 'text/plain charset=UTF-8'; add_header 'Allow' 'GET,HEAD'; return 200 'GET,HEAD'; } alias /var/clsi/tiny.pdf; } # handle output files for specific users location ~ ^/project/([0-9a-f]+)/user/([0-9a-f]+)/build/([0-9a-f-]+)/output/output\.([a-z]+)$ { if ($request_method = 'OPTIONS') { # handle OPTIONS method for CORS requests add_header 'Allow' 'GET,HEAD'; return 204; } alias /output/$1-$2/generated-files/$3/output.$4; } # handle .blg files for specific users location ~ ^/project/([0-9a-f]+)/user/([0-9a-f]+)/build/([0-9a-f-]+)/output/(.+)\.blg$ { if ($request_method = 'OPTIONS') { # handle OPTIONS method for CORS requests add_header 'Allow' 'GET,HEAD'; return 204; } alias /output/$1-$2/generated-files/$3/$4.blg; } # handle output files for anonymous users location ~ ^/project/([0-9a-f]+)/build/([0-9a-f-]+)/output/output\.([a-z]+)$ { if ($request_method = 'OPTIONS') { # handle OPTIONS method for CORS requests add_header 'Content-Type' 'text/plain charset=UTF-8'; add_header 'Allow' 'GET,HEAD'; return 200 'GET,HEAD'; } alias /output/$1/generated-files/$2/output.$3; } # handle .blg files for anonymous users location ~ ^/project/([0-9a-f]+)/build/([0-9a-f-]+)/output/(.+)\.blg$ { if ($request_method = 'OPTIONS') { # handle OPTIONS method for CORS requests add_header 'Allow' 'GET,HEAD'; return 204; } alias /output/$1/generated-files/$2/$3.blg; } # PDF range for specific users location ~ ^/project/([0-9a-f]+)/user/([0-9a-f]+)/content/([0-9a-f-]+/[0-9a-f]+)$ { if ($request_method = 'OPTIONS') { # handle OPTIONS method for CORS requests add_header 'Content-Type' 'text/plain charset=UTF-8'; add_header 'Allow' 'GET,HEAD'; return 200 'GET,HEAD'; } # Cache for one day expires 1d; alias /output/$1-$2/content/$3; } # PDF range for anonymous users location ~ ^/project/([0-9a-f]+)/content/([0-9a-f-]+/[0-9a-f]+)$ { if ($request_method = 'OPTIONS') { # handle OPTIONS method for CORS requests add_header 'Content-Type' 'text/plain charset=UTF-8'; add_header 'Allow' 'GET,HEAD'; return 200 'GET,HEAD'; } # Cache for one day expires 1d; alias /output/$1/content/$2; } # status endpoint for haproxy httpchk option location /status { return 200; } # load shedding probe location = /instance-state { alias /var/clsi/instance-state; } }