ngnix caching and proxy

Last Updated: Jun 12, 2018 10:06PM PDT

There are cases, where you may want to share data from a bucket, either with or without password protection.

nginx proxy can be used in this case. Below you can find a quick guide on how to do it.

nginx installation

Download nginx (1.9.9 in my case), follow the guide here 

On CentOS 7.3, you may need the following packages. Simply run the following command:

yum install gcc pcre-devel openssl-devel libxslt-devel gd gd-devel perl-ExtUtils-Embed zlib-devel geoip-devel lua lua-devel

Download the following modules, unzip to a folder (in our case, it's /tmp for clarity):

https://github.com/openresty/set-misc-nginx-module
https://github.com/simplresty/ngx_devel_kit
https://github.com/openresty/lua-nginx-module

run the following commands (/tmp means you need to download this package from git and unzip it):

1. /configure --with-http_addition_module --with-http_dav_module --with-http_flv_module --with-http_geoip_module --with-http_gzip_static_module --with-http_image_filter_module --with-http_mp4_module --with-http_perl_module --with-http_random_index_module --with-http_secure_link_module --with-http_v2_module --with-http_sub_module --with-http_xslt_module --with-mail --with-mail_ssl_module  --add-module=/tmp/ngx_devel_kit-master/ --add-module=/tmp/set-misc-nginx-module-master  --add-module=/tmp/lua-nginx-module-master
2. make
3. make install


ngnix configuration

`#user  nobody;
worker_processes  1;
daemon "off";
error_log  /var/log/nginx_new_error.log;


events {
    worker_connections  1024;
}

http {

    server {
        listen       80;
        server_name  localhost;
        resolver 127.0.0.1;
location / {
    try_files $uri @s3;
}

location @s3 {
            
    set $s3_bucket          '<replace with bucket name>';
   
    set $key $request_uri;
    set $aws_access_key '<NooBaa access key>';
    set $aws_secret_key '<NooBaa secret key>';
    set_by_lua $now         "return ngx.cookie_time(ngx.time())";
    set $aws_signature      '';
    set $string_to_sign     "$request_method\n\n\n\nx-amz-date:$now\n/$s3_bucket$key";
    set_hmac_sha1           $aws_signature $aws_secret_key $string_to_sign;
    set_encode_base64       $aws_signature $aws_signature;
    proxy_http_version      1.1;
    proxy_set_header        x-amz-date $now;
    proxy_set_header        Authorization 'AWS $aws_access_key:$aws_signature';
    proxy_set_header        Host $s3_bucket.<replace with NooBaa endpoint>;
    proxy_hide_header       x-amz-id-2;
    proxy_hide_header       x-amz-request-id;
    proxy_hide_header       Set-Cookie;
    proxy_ignore_headers    "Set-Cookie";
    proxy_buffering         off;
    proxy_intercept_errors  on;

    proxy_pass <replace with NooBaa endpoint>;

    #uncomment the two lines below for password protection
  #auth_basic "Restricted";
  #auth_basic_user_file /home/username/nginx/example.com/.htpasswd;

    }
  }
}
`
Did you find this article helpful?
195e69fe2c7a9be6b2b2aa6b87f970548@noobaa.desk-mail.com
https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete