update NGINX sample to allow admin to download backups

This commit is contained in:
Régis Hanol 2014-02-12 20:36:51 -08:00
parent b05bb86323
commit faf03fdeb1

View File

@ -46,28 +46,26 @@ server {
root $public;
location ~* \.(eot|ttf|woff|ico)$ {
add_header Access-Control-Allow-Origin *;
expires 1y;
add_header Cache-Control public;
}
expires 1y;
add_header Cache-Control public;
add_header Access-Control-Allow-Origin *;
}
location ~ ^/assets/ {
expires 1y;
add_header Cache-Control public;
add_header ETag "";
add_header Cache-Control public;
break;
}
location ~ ^/uploads/ {
expires 1y;
add_header Cache-Control public;
add_header ETag "";
add_header Cache-Control public;
## optional upload anti-hotlinking rules
#valid_referers none blocked mysite.com *.mysite.com;
#if ($invalid_referer) {
# return 403;
#}
#if ($invalid_referer) { return 403; }
# custom CSS
location ~ /stylesheet-cache/ { try_files $uri =404; }
@ -83,6 +81,14 @@ server {
break;
}
location ~ ^/backups/ {
# backups must go through the rails application to handle security
proxy_set_header X-Sendfile-Type X-Accel-Redirect;
proxy_set_header X-Accel-Mapping $public/=/downloads/;
proxy_pass http://discourse;
break;
}
try_files $uri @discourse;
}
@ -92,12 +98,10 @@ server {
}
location @discourse {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $thescheme;
proxy_set_header Host $http_host;
proxy_pass http://discourse;
}