mirror of
https://github.com/YunoHost-Apps/funkwhale_ynh.git
synced 2024-09-03 18:36:24 +02:00
96 lines
No EOL
2.6 KiB
Nginx Configuration File
96 lines
No EOL
2.6 KiB
Nginx Configuration File
location / {
|
|
alias __FINALPATH__/code/front/dist/;
|
|
|
|
if ($scheme = http) {
|
|
rewrite ^ https://$server_name$request_uri? permanent;
|
|
}
|
|
|
|
try_files $uri $uri/ @rewrites;
|
|
}
|
|
|
|
location @rewrites {
|
|
rewrite ^(.+)$ /index.html last;
|
|
}
|
|
|
|
location /api/ {
|
|
include __FINALPATH__/code/deploy/funkwhale_proxy.conf;
|
|
# this is needed if you have file import via upload enabled
|
|
client_max_body_size 30M;
|
|
proxy_pass http://127.0.0.1:__PORT__/api/;
|
|
}
|
|
|
|
location /federation/ {
|
|
include __FINALPATH__/code/deploy/funkwhale_proxy.conf;
|
|
proxy_pass http://127.0.0.1:__PORT__/federation/;
|
|
}
|
|
|
|
location /.well-known/ {
|
|
include __FINALPATH__/code/deploy/funkwhale_proxy.conf;
|
|
proxy_pass http://127.0.0.1:__PORT__/.well-known/;
|
|
}
|
|
|
|
location /media/ {
|
|
alias __FINALPATH__/media/;
|
|
}
|
|
|
|
location __PATH__/_protected/media/ {
|
|
# this is an internal location that is used to serve
|
|
# audio files once correct permission / authentication
|
|
# has been checked on API side
|
|
internal;
|
|
alias __FINALPATH__/media/;
|
|
}
|
|
|
|
# Transcoding logic and caching
|
|
# TODO: try to enable this
|
|
# https://code.eliotberriot.com/funkwhale/funkwhale/blob/0.8/deploy/nginx.conf#L4
|
|
# https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_cache
|
|
|
|
location = /transcode-auth {
|
|
include __FINALPATH__/code/deploy/funkwhale_proxy.conf;
|
|
# needed so we can authenticate transcode requests, but still
|
|
# cache the result
|
|
internal;
|
|
set $query '';
|
|
# ensure we actually pass the jwt to the underlytin auth url
|
|
if ($request_uri ~* "[^\?]+\?(.*)$") {
|
|
set $query $1;
|
|
}
|
|
proxy_pass http://127.0.0.1:__PORT__/api/v1/trackfiles/viewable/?$query;
|
|
proxy_pass_request_body off;
|
|
proxy_set_header Content-Length "";
|
|
}
|
|
|
|
location /api/v1/trackfiles/transcode/ {
|
|
include __FINALPATH__/code/deploy/funkwhale_proxy.conf;
|
|
# this block deals with authenticating and caching transcoding
|
|
# requests. Caching is heavily recommended as transcoding
|
|
# is a CPU intensive process.
|
|
auth_request /transcode-auth;
|
|
if ($args ~ (.*)jwt=[^&]*(.*)) {
|
|
set $cleaned_args $1$2;
|
|
}
|
|
proxy_cache_key "$scheme$request_method$host$uri$is_args$cleaned_args";
|
|
proxy_cache __NAME__-transcode;
|
|
proxy_cache_valid 200 7d;
|
|
proxy_ignore_headers "Set-Cookie";
|
|
proxy_hide_header "Set-Cookie";
|
|
add_header X-Cache-Status $upstream_cache_status;
|
|
proxy_pass http://127.0.0.1:__PORT__;
|
|
}
|
|
# end of transcoding logic
|
|
|
|
location /staticfiles/ {
|
|
# django static files
|
|
alias __FINALPATH__/code/data/static/;
|
|
}
|
|
|
|
location /rest/ {
|
|
include __FINALPATH__/code/deploy/funkwhale_proxy.conf;
|
|
proxy_pass http://127.0.0.1:__PORT__/api/subsonic/rest/;
|
|
}
|
|
|
|
location /_protected/music {
|
|
internal;
|
|
alias __FINALPATH__/import;
|
|
} |