From 019ed06cbdb661cba5d6c320867d28980e2d0aff Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Sun, 31 Dec 2023 10:35:13 +0100 Subject: [PATCH] Update nginx.conf --- conf/nginx.conf | 45 ++++++++++----------------------------------- 1 file changed, 10 insertions(+), 35 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 9b320b1..af5d78f 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -19,19 +19,19 @@ location @api { proxy_pass http://127.0.0.1:__PORT__; } -location = /api/v1/videos/upload-resumable { - client_max_body_size 0; - proxy_request_buffering off; - - try_files /dev/null @api; -} - location / { try_files /dev/null @api; # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; } +location ~ ^/api/v1/videos/(upload-resumable|([^/]+/source/replace-resumable))$ { + client_max_body_size 0; + proxy_request_buffering off; + + try_files /dev/null @api; +} + location ~ ^/api/v1/videos/(upload|([^/]+/studio/edit))$ { limit_except POST HEAD { deny all; } @@ -98,10 +98,9 @@ location ~ ^/plugins/[^/]+(/[^/]+)?/ws/ { root __DATA_DIR__/storage/; - # Enable compression for JS/CSS/HTML, for improved client load times. - # It might be nice to compress JSON/XML as returned by the API, but - # leaving that out to protect against potential BREACH attack. - +# Enable compression for JS/CSS/HTML, for improved client load times. +# It might be nice to compress JSON/XML as returned by the API, but +# leaving that out to protect against potential BREACH attack. # gzip on; gzip_vary on; gzip_types # text/html is always compressed by HttpGzipModule @@ -145,30 +144,6 @@ location ~ ^/client/(.*\.(js|css|png|svg|woff2|otf|ttf|woff|eot))$ { alias __INSTALL_DIR__/client/dist/$1; } -# Bypass PeerTube for performance reasons. Optional. -location ~ ^/static/(thumbnails|avatars)/ { - if ($request_method = 'OPTIONS') { - more_set_headers "Access-Control-Allow-Origin : *"; - more_set_headers "Access-Control-Allow-Methods : GET, OPTIONS"; - more_set_headers "Access-Control-Allow-Headers : Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type"; - more_set_headers "Access-Control-Max-Age : 1728000"; # Preflight request can be cached 20 days - more_set_headers "Content-Type : text/plain charset=UTF-8"; - more_set_headers "Content-Length : 0"; - return 204; - } - - more_set_headers "Access-Control-Allow-Origin : *"; - more_set_headers "Access-Control-Allow-Methods : GET, OPTIONS"; - more_set_headers "Access-Control-Allow-Headers : Range,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type"; - more_set_headers "Cache-Control : public, max-age=7200"; # Cache response 2 hours - - rewrite ^/static/(.*)$ /$1 break; - - root __DATA_DIR__/storage/; - - try_files $uri @api; -} - location ~ ^(/static/(webseed|web-videos|streaming-playlists)/private/)|^/download { # We can't rate limit a try_files directive, so we need to duplicate @api