ngnix caching and proxy

Last Updated: Jun 12, 2018 10:06PM PDT

There are cases, where you may want to share data from a bucket, either with or without password protection.

nginx proxy can be used in this case. Below you can find a quick guide on how to do it.

nginx installation

Download nginx (1.9.9 in my case), follow the guide here 

On CentOS 7.3, you may need the following packages. Simply run the following command:

yum install gcc pcre-devel openssl-devel libxslt-devel gd gd-devel perl-ExtUtils-Embed zlib-devel geoip-devel lua lua-devel

Download the following modules, unzip to a folder (in our case, it's /tmp for clarity):

run the following commands (/tmp means you need to download this package from git and unzip it):

1. /configure --with-http_addition_module --with-http_dav_module --with-http_flv_module --with-http_geoip_module --with-http_gzip_static_module --with-http_image_filter_module --with-http_mp4_module --with-http_perl_module --with-http_random_index_module --with-http_secure_link_module --with-http_v2_module --with-http_sub_module --with-http_xslt_module --with-mail --with-mail_ssl_module  --add-module=/tmp/ngx_devel_kit-master/ --add-module=/tmp/set-misc-nginx-module-master  --add-module=/tmp/lua-nginx-module-master
2. make
3. make install

ngnix configuration

`#user  nobody;
worker_processes  1;
daemon "off";
error_log  /var/log/nginx_new_error.log;

events {
    worker_connections  1024;

http {

    server {
        listen       80;
        server_name  localhost;
location / {
    try_files $uri @s3;

location @s3 {
    set $s3_bucket          '<replace with bucket name>';
    set $key $request_uri;
    set $aws_access_key '<NooBaa access key>';
    set $aws_secret_key '<NooBaa secret key>';
    set_by_lua $now         "return ngx.cookie_time(ngx.time())";
    set $aws_signature      '';
    set $string_to_sign     "$request_method\n\n\n\nx-amz-date:$now\n/$s3_bucket$key";
    set_hmac_sha1           $aws_signature $aws_secret_key $string_to_sign;
    set_encode_base64       $aws_signature $aws_signature;
    proxy_http_version      1.1;
    proxy_set_header        x-amz-date $now;
    proxy_set_header        Authorization 'AWS $aws_access_key:$aws_signature';
    proxy_set_header        Host $s3_bucket.<replace with NooBaa endpoint>;
    proxy_hide_header       x-amz-id-2;
    proxy_hide_header       x-amz-request-id;
    proxy_hide_header       Set-Cookie;
    proxy_ignore_headers    "Set-Cookie";
    proxy_buffering         off;
    proxy_intercept_errors  on;

    proxy_pass <replace with NooBaa endpoint>;

    #uncomment the two lines below for password protection
  #auth_basic "Restricted";
  #auth_basic_user_file /home/username/nginx/;

Did you find this article helpful?
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
Invalid characters found