no way to compare when less than two revisions

Differences

This shows you the differences between two versions of the page.

@@ Line 1: / Line 1: @@
+====== 2022-06-04 - caching proxy in nginx ======
+in one of the previous projects we had an issue on CI. TL;DR -- we needed a cache, to minimize network traffic between different locations. case was simple: there were build artifacts, stored on site A and these were needed ''N'' times on site B. since the files (once published) never changed, it was a simple matter of keeping a copy on site B, when it was 1st downloaded from site A.
+after some digging it turned out that [[wp>nginx]] has a ready-to-go solution for exactly that! this is how an example configuration (''nginx.conf'') looks like:
+<code>
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+include /etc/nginx/modules-enabled/*.conf;
+events {
+    worker_connections 1024;
+    # multi_accept on;
+}
+http {
+    access_log /var/log/nginx/access.log;
+    error_log /var/log/nginx/error.log;
+    client_max_body_size 2048M;
+    gzip off;
+    server {
+        listen 80 default_server;
+        listen [::]:80 default_server;
+        proxy_cookie_path / "/; HttpOnly; Secure";
+        server_name _;
+        return 301 https://$host$request_uri;
+    }
+    proxy_cache_path  /var/cache/nginx/ levels=1:2 keys_zone=STATIC:10m inactive=15d max_size=1800g;
+    server {
+        listen 443 ssl default_server;
+        listen [::]:443 ssl default_server;
+        proxy_cookie_path / "/; HttpOnly; Secure";
+        server_name _;
+        ssl_protocols TLSv1.2 TLSv1.3;
+        ssl_certificate     /path/to/cert.pem;
+        ssl_certificate_key /path/to/key.pem;
+        location / {
+            proxy_pass             https://actual.server.to.offload;
+            proxy_cache_methods    GET HEAD;
+            proxy_set_header       Host $host;
+            proxy_buffering        on;
+            proxy_cache            STATIC;
+            proxy_cache_valid      200  10d;
+            proxy_cache_use_stale  error timeout invalid_header updating
+                                   http_500 http_502 http_503 http_504;
+        }
+    }
+}
+</code>
+this coveres: caching, cache lifetime management, HTTPS and HTTP to HTTPS redirection. all in 49 lines of config, including formatting. :D once deployed, there were no further issues observed. XXI century magic! ;)

blog/2022/06/04/2022-06-04_-_caching_proxy_in_nginx.txt · Last modified: 2022/06/04 20:29 by basz

Back to top