mirror of
https://github.com/mempool/mempool.git
synced 2024-11-19 09:52:14 +01:00
268 lines
8.2 KiB
Plaintext
268 lines
8.2 KiB
Plaintext
###########
|
|
# routing #
|
|
###########
|
|
|
|
location /api/v1/assets {
|
|
try_files /dev/null @mempool-api-v1-services-cache-short;
|
|
}
|
|
location /api/v1/contributors {
|
|
try_files /dev/null @mempool-api-v1-services-cache-medium;
|
|
}
|
|
location /api/v1/contributors/images {
|
|
try_files /dev/null @mempool-api-v1-services-cache-long;
|
|
}
|
|
location /api/v1/donations {
|
|
try_files /dev/null @mempool-api-v1-services-cache-medium;
|
|
}
|
|
location /api/v1/donations/images {
|
|
try_files /dev/null @mempool-api-v1-services-cache-long;
|
|
}
|
|
location /api/v1/translators {
|
|
try_files /dev/null @mempool-api-v1-services-cache-medium;
|
|
}
|
|
location /api/v1/translators/images {
|
|
try_files /dev/null @mempool-api-v1-services-cache-long;
|
|
}
|
|
location /api/v1/services/internal/ {
|
|
return 403;
|
|
}
|
|
location /api/v1/services/ {
|
|
try_files /dev/null @mempool-api-v1-services-cache-disabled;
|
|
}
|
|
|
|
###########
|
|
# caching #
|
|
###########
|
|
|
|
location @mempool-api-v1-services-cache-disabled {
|
|
proxy_pass $mempoolSpaceServices;
|
|
|
|
# remove these just in case double proxied
|
|
proxy_hide_header Onion-Location;
|
|
proxy_hide_header Strict-Transport-Security;
|
|
proxy_hide_header Content-Security-Policy;
|
|
proxy_hide_header X-Frame-Options;
|
|
|
|
# remove cache headers from services backend
|
|
proxy_hide_header Cache-Control;
|
|
proxy_hide_header Expires;
|
|
proxy_hide_header Pragma;
|
|
|
|
# pass these headers to services backend
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# add our own cache headers
|
|
add_header 'Pragma' 'no-cache';
|
|
add_header 'Cache-Control' 'private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
|
|
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
|
|
expires -1;
|
|
}
|
|
|
|
location @mempool-api-v1-services-cache-disabled-addcors {
|
|
proxy_pass $mempoolSpaceServices;
|
|
|
|
# remove these just in case double proxied
|
|
proxy_hide_header Onion-Location;
|
|
proxy_hide_header Strict-Transport-Security;
|
|
proxy_hide_header Content-Security-Policy;
|
|
proxy_hide_header X-Frame-Options;
|
|
|
|
# remove cache headers from services backend
|
|
proxy_hide_header Cache-Control;
|
|
proxy_hide_header Expires;
|
|
proxy_hide_header Pragma;
|
|
|
|
# pass these headers to services backend
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# add our own cache headers
|
|
add_header 'Pragma' 'no-cache';
|
|
add_header 'Cache-Control' 'private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
|
|
|
|
# generate CORS configuration from origin header
|
|
set $cors_methods 'GET, POST, PUT, DELETE, OPTIONS';
|
|
set $cors_origin 'https://mempool.space';
|
|
set $cors_headers 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With';
|
|
set $cors_expose_headers 'X-Total-Count';
|
|
set $cors_credentials 'true';
|
|
|
|
# set CORS for approved hostnames
|
|
if ($cors_approved_origin = 'legit')
|
|
{
|
|
set $cors_methods 'GET, POST, PUT, DELETE, OPTIONS';
|
|
set $cors_origin "$http_origin";
|
|
set $cors_headers 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With';
|
|
set $cors_expose_headers 'X-Total-Count';
|
|
set $cors_credentials 'true';
|
|
}
|
|
|
|
# set CORS for approved hostnames
|
|
add_header Access-Control-Allow-Methods "$cors_methods" always;
|
|
add_header Access-Control-Allow-Origin "$cors_origin" always;
|
|
add_header Access-Control-Allow-Headers "$cors_headers" always;
|
|
add_header Access-Control-Allow-Credentials "$cors_credentials" always;
|
|
add_header Access-Control-Expose-Headers "$cors_expose_headers" always;
|
|
|
|
proxy_redirect off;
|
|
proxy_buffering off;
|
|
|
|
expires -1;
|
|
}
|
|
|
|
location @mempool-api-v1-services-cache-short {
|
|
proxy_pass $mempoolSpaceServices;
|
|
proxy_cache services;
|
|
proxy_redirect off;
|
|
|
|
# remove these just in case double proxied
|
|
proxy_hide_header Onion-Location;
|
|
proxy_hide_header Strict-Transport-Security;
|
|
proxy_hide_header Content-Security-Policy;
|
|
proxy_hide_header X-Frame-Options;
|
|
|
|
# pass these headers to services backend
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# remove cache headers from services backend
|
|
proxy_hide_header Cache-Control;
|
|
proxy_hide_header Expires;
|
|
proxy_hide_header Pragma;
|
|
|
|
# add our own cache headers
|
|
add_header 'Pragma' 'public';
|
|
add_header 'Cache-Control' 'public';
|
|
expires 2s;
|
|
|
|
# server-side cache validity
|
|
proxy_cache_valid 200 2s;
|
|
}
|
|
|
|
location @mempool-api-v1-services-cache-short-addcors {
|
|
proxy_pass $mempoolSpaceServices;
|
|
proxy_cache services;
|
|
proxy_redirect off;
|
|
|
|
# remove these just in case double proxied
|
|
proxy_hide_header Onion-Location;
|
|
proxy_hide_header Strict-Transport-Security;
|
|
proxy_hide_header Content-Security-Policy;
|
|
proxy_hide_header X-Frame-Options;
|
|
|
|
# pass these headers to services backend
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# remove cache headers from services backend
|
|
proxy_hide_header Cache-Control;
|
|
proxy_hide_header Expires;
|
|
proxy_hide_header Pragma;
|
|
|
|
# generate CORS configuration from origin header
|
|
set $cors_methods 'GET, POST, PUT, DELETE, OPTIONS';
|
|
set $cors_origin 'https://mempool.space';
|
|
set $cors_headers 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With';
|
|
set $cors_expose_headers 'X-Total-Count';
|
|
set $cors_credentials 'true';
|
|
|
|
# set CORS for approved hostnames
|
|
if ($cors_approved_origin = 'legit')
|
|
{
|
|
set $cors_methods 'GET, POST, PUT, DELETE, OPTIONS';
|
|
set $cors_origin "$http_origin";
|
|
set $cors_headers 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With';
|
|
set $cors_expose_headers 'X-Total-Count';
|
|
set $cors_credentials 'true';
|
|
}
|
|
|
|
# set CORS for approved hostnames
|
|
add_header Access-Control-Allow-Methods "$cors_methods" always;
|
|
add_header Access-Control-Allow-Origin "$cors_origin" always;
|
|
add_header Access-Control-Allow-Headers "$cors_headers" always;
|
|
add_header Access-Control-Allow-Credentials "$cors_credentials" always;
|
|
add_header Access-Control-Expose-Headers "$cors_expose_headers" always;
|
|
|
|
# add our own cache headers
|
|
add_header 'Pragma' 'public';
|
|
add_header 'Cache-Control' 'public';
|
|
expires 2s;
|
|
|
|
# server-side cache validity
|
|
proxy_cache_valid 200 2s;
|
|
}
|
|
|
|
location @mempool-api-v1-services-cache-medium {
|
|
proxy_pass $mempoolSpaceServices;
|
|
proxy_cache services;
|
|
proxy_redirect off;
|
|
|
|
# remove these just in case double proxied
|
|
proxy_hide_header Onion-Location;
|
|
proxy_hide_header Strict-Transport-Security;
|
|
proxy_hide_header Content-Security-Policy;
|
|
proxy_hide_header X-Frame-Options;
|
|
|
|
# pass these headers to services backend
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# remove cache headers from services backend
|
|
proxy_hide_header Cache-Control;
|
|
proxy_hide_header Expires;
|
|
proxy_hide_header Pragma;
|
|
|
|
# add our own cache headers
|
|
add_header 'Pragma' 'public';
|
|
add_header 'Cache-Control' 'public';
|
|
expires 7d;
|
|
|
|
# server-side cache validity
|
|
proxy_cache_valid 200 7d;
|
|
}
|
|
|
|
location @mempool-api-v1-services-cache-long {
|
|
proxy_pass $mempoolSpaceServices;
|
|
proxy_cache services;
|
|
proxy_redirect off;
|
|
|
|
# remove these just in case double proxied
|
|
proxy_hide_header Onion-Location;
|
|
proxy_hide_header Strict-Transport-Security;
|
|
proxy_hide_header Content-Security-Policy;
|
|
proxy_hide_header X-Frame-Options;
|
|
|
|
# pass these headers to services backend
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# remove cache headers from services backend
|
|
proxy_hide_header Cache-Control;
|
|
proxy_hide_header Expires;
|
|
proxy_hide_header Pragma;
|
|
|
|
# add our own cache headers
|
|
add_header 'Pragma' 'public';
|
|
add_header 'Cache-Control' 'public';
|
|
expires 30d;
|
|
|
|
# server-side cache validity
|
|
proxy_cache_valid 200 30d;
|
|
}
|