Skip to content

Commit b20a319

Browse files
PhilippMDoernerPhilippMDoerner
PhilippMDoerner
authored andcommitted
Fix db-dump config
1 parent 8bed734 commit b20a319

File tree

1 file changed

+17
-8
lines changed

1 file changed

+17
-8
lines changed

buildFiles/nginx/nginx_prod.conf

+17-8
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,16 @@ http {
3737
proxy_send_timeout 600;
3838

3939
#gzip on;
40+
41+
# Default: Nginx does not set empty string headers, therefore no header will be set
42+
# Second regex matches localhost:XXXX
43+
# This map block tries to match the contents of http_origin against the regexes below.
44+
# If a regex matches, the value under $allow_origin is put into the $allow_origin variable.
45+
map "$http_origin" $allow_origin {
46+
default '';
47+
"~^https?:\/\/(.*\.)?aldrune.com(:\d+)?$" "$http_origin";
48+
"~^https?:\/\/(.*\.)?localhost(:\d+)?$" "$http_origin";
49+
}
4050

4151
server {
4252
listen 80;
@@ -60,14 +70,16 @@ http {
6070

6171
root /frontend;
6272

63-
6473
gzip on;
6574
gzip_vary on;
6675
gzip_min_length 1000;
6776
gzip_proxied any;
6877
gzip_comp_level 9;
6978
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/javascript text/xml application/xml application/xml+rss;
7079

80+
# Allows the origin of the request if it matched any of the regular expressions in the block `map $http_origin $allow_origin`
81+
add_header 'Access-Control-Allow-Origin' $allow_origin;
82+
7183
# Config stuff
7284
location /nginx_status {
7385
# Enable Nginx stats
@@ -81,15 +93,13 @@ http {
8193
# Image files
8294
location /media/ {
8395
#CORS
84-
add_header Access-Control-Allow-Origin '*';
8596
add_header Cache-Control 'public, max-age=604800'; # cache for 1 week
8697

8798
alias /imagemedia/;
8899
}
89100

90101
location /campaign_icons/ {
91102
#CORS
92-
add_header Access-Control-Allow-Origin '*';
93103
add_header Cache-Control 'public, max-age=604800'; # cache for 1 week
94104

95105
alias /imagemedia/campaign_icons/;
@@ -115,7 +125,6 @@ http {
115125
# Serves audiofiles for streaming
116126
location /session_audio/ {
117127
#CORS
118-
add_header Access-Control-Allow-Origin '*';
119128
alias /session_audio/;
120129
}
121130

@@ -132,10 +141,10 @@ http {
132141
report_uploads uploads;
133142
}
134143

135-
location /db_dumps/ {
144+
location /wiki1/api/db_dumps/ {
145+
136146
# Serves files from /db_dumps/ but checks for authentication first
137147
auth_request /auth ;
138-
add_header Access-Control-Allow-Origin '*';
139148
add_header Cache-Control 'public, max-age=21600'; # cache for 6h
140149
alias /db_dumps/;
141150
}
@@ -155,6 +164,8 @@ http {
155164
location /wiki1/api {
156165
rewrite ^/wiki1/api/(.*) /$1 break; #Removes "/wiki1/api" from the url for the web-application-server
157166

167+
add_header Access-Control-Allow-Credentials true;
168+
158169
proxy_pass http://nswebserver:8080; #Hands request over to localhost:8080 where the web-application server is
159170
proxy_set_header Host $host;
160171
proxy_send_timeout 300s;
@@ -167,8 +178,6 @@ http {
167178
# Serves the frontend which is an angular application
168179
location /wiki2 {
169180
# CORS
170-
add_header Access-Control-Allow-Origin '*';
171-
172181
# Cache headers
173182
add_header Cache-Control 'public, max-age=86400'; # cache for 1 day
174183

0 commit comments

Comments
 (0)