gtsocial-umbx

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README | LICENSE

commit fd62847c83334e13b9e5fccb5a6482ac06d9de94
parent 700ed7769f838df0ea8cb1d2f96ca208898dd2b6
Author: Daenney <daenney@users.noreply.github.com>
Date:   Wed, 15 Feb 2023 11:44:30 +0100

[docs] Fix nginx fileserver caching example (#1506)

* [bug] Fix nginx fileserver caching example

This updates the example to ensure the nginx proxies the request on to
GTS if the file is not found on disk. This can happen due to media
pruning.

* [chore] Set cache-control in nginx to private

This makes the header match with the backend. For things from the
fileserver it may not be appropriate for anything other than a private
cache (i.e the client) to cache things.
Diffstat:
Mdocs/installation_guide/advanced.md | 14+++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/docs/installation_guide/advanced.md b/docs/installation_guide/advanced.md @@ -390,11 +390,21 @@ server { add_header Cache-Control "public"; } + location @fileserver { + proxy_pass http://localhost:8080/; + proxy_set_header Host $host; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Proto $scheme; + } + location /fileserver/ { alias storage-local-base-path/; autoindex off; expires max; - add_header Cache-Control "public, immutable"; + add_header Cache-Control "private, immutable"; + try_files $uri @fileserver; } location / { @@ -416,6 +426,8 @@ server { } ``` +The `/fileserver` location is a bit special. When we fail to fetch the media from disk, we want to proxy the request on to GoToSocial so it can try and fetch it. This can be necessary if the media has been removed from disk due to retention settings. The `try_files` directive can't take a `proxy_pass` itself so instead we created the named `@fileserver` location that we pass in last to `try_files`. + The trailing slashes in the new `location` directives and the `alias` are significant, do not remove those. The `expires` directive adds the necessary headers to inform the client how long it may cache the resource. For assets, which may change on each release, 5 minutes is used in this example. For attachments, which should never change once they're created, `max` is used instead setting the cache expiry to the 31st of December 2037. For other options, see the nginx documentation on the [`expires` directive](https://nginx.org/en/docs/http/ngx_http_headers_module.html#expires). Nginx does not add cache headers to 4xx or 5xx response codes so a failure to fetch an asset won't get cached by clients. The `autoindex off` directive tells nginx to not serve a directory listing. This should be the default but it doesn't hurt to be explicit. The added `add_header` lines set additional options for the `Cache-Control` header: * `public` is used to indicate that anyone may cache this resource * `immutable` is used to indicate this resource will never change while it is fresh (it's before the end of the expires) allowing clients to forego conditional requests to revalidate the resource during that timespan