mirror of
https://github.com/mempool/mempool.git
synced 2024-11-20 10:21:52 +01:00
81bc449043
This patch was generated by replacing:
`proxy_set_header Host $http_host` ->
`proxy_set_header Host $host`
Script:
find . -type f -exec sed -i 's|proxy_set_header Host \$http_host|proxy_set_header Host \$host|g' {} \;
Fixes test error:
```
>> Problem: [host_spoofing] The proxied Host header may be spoofed.
Description: In most cases "$host" variable are more appropriate, just use it.
Additional info: https://github.com/yandex/gixy/blob/master/docs/en/plugins/hostspoofing.md
```
`proxy_set_header Host $host` is indeed the recommended default proxy header setting.
155 lines
3.7 KiB
Plaintext
155 lines
3.7 KiB
Plaintext
###########
|
|
# mempool #
|
|
###########
|
|
|
|
# websocket has special HTTP headers
|
|
location /signet/api/v1/ws {
|
|
rewrite ^/signet/(.*) /$1 break;
|
|
try_files /dev/null @mempool-signet-api-v1-websocket;
|
|
}
|
|
|
|
# warm cache mining and mempool API responses
|
|
location /signet/api/v1/statistics {
|
|
rewrite ^/signet/(.*) /$1 break;
|
|
try_files /dev/null @mempool-signet-api-v1-cache-warm;
|
|
}
|
|
location /signet/api/v1/mining {
|
|
rewrite ^/signet/(.*) /$1 break;
|
|
try_files /dev/null @mempool-signet-api-v1-cache-warm;
|
|
}
|
|
|
|
# it's ok to cache blockchain data "forever", so we do 30d
|
|
location /signet/api/v1/block/ {
|
|
rewrite ^/signet/(.*) /$1 break;
|
|
try_files /dev/null @mempool-signet-api-v1-cache-forever;
|
|
}
|
|
|
|
# everything else gets "normal" cache
|
|
location /signet/api/v1 {
|
|
rewrite ^/signet/(.*) /$1 break;
|
|
try_files /dev/null @mempool-signet-api-v1-cache-normal;
|
|
}
|
|
|
|
###########
|
|
# esplora #
|
|
###########
|
|
|
|
# it's ok to cache blockchain data "forever", so we do 30d
|
|
location /signet/api/block/ {
|
|
rewrite ^/signet/api/(.*) /$1 break;
|
|
try_files /dev/null @esplora-signet-api-cache-forever;
|
|
}
|
|
# other API responses cannot be cached
|
|
location /signet/api/ {
|
|
rewrite ^/signet/api/(.*) /$1 break;
|
|
try_files /dev/null @esplora-signet-api-cache-disabled;
|
|
}
|
|
|
|
###########
|
|
# routing #
|
|
###########
|
|
|
|
location @mempool-signet-api-v1-websocket {
|
|
proxy_pass $mempoolSignet;
|
|
proxy_http_version 1.1;
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "upgrade";
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
|
|
location @mempool-signet-api-v1-cache-forever {
|
|
proxy_pass $mempoolSignet;
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
proxy_cache_background_update on;
|
|
proxy_cache_use_stale updating;
|
|
proxy_cache api;
|
|
proxy_cache_valid 200 30d;
|
|
proxy_redirect off;
|
|
|
|
expires 30d;
|
|
}
|
|
|
|
location @mempool-signet-api-v1-cache-warm {
|
|
proxy_pass $mempoolSignet;
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
proxy_cache_background_update on;
|
|
proxy_cache_use_stale updating;
|
|
proxy_cache api;
|
|
proxy_cache_valid 200 10s;
|
|
proxy_redirect off;
|
|
}
|
|
|
|
location @mempool-signet-api-v1-cache-normal {
|
|
proxy_pass $mempoolSignet;
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
proxy_cache api;
|
|
proxy_cache_valid 200 10s;
|
|
proxy_redirect off;
|
|
|
|
expires 10s;
|
|
}
|
|
|
|
location @mempool-signet-api-v1-cache-disabled {
|
|
proxy_pass $mempoolSignet;
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
|
|
expires -1;
|
|
}
|
|
|
|
location @esplora-signet-api-cache-disabled {
|
|
proxy_pass $esploraSignet;
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
|
|
expires -1;
|
|
}
|
|
|
|
location @esplora-signet-api-cache-forever {
|
|
proxy_pass $esploraSignet;
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
proxy_cache_background_update on;
|
|
proxy_cache_use_stale updating;
|
|
proxy_cache api;
|
|
proxy_cache_valid 200 30d;
|
|
proxy_redirect off;
|
|
|
|
expires 30d;
|
|
}
|