Finished BUD 1

config/local-nginx.conf

@@ -0,0 +1,109 @@
+# Local Ginxsom Development Server Configuration
+# This configuration serves files directly from the local repo directory
+
+# Main context - specify error log here to override system default
+error_log logs/error.log;
+pid logs/nginx.pid;
+
+events {
+    worker_connections 1024;
+}
+
+# HTTP context
+http {
+    # Basic settings
+    sendfile on;
+    tcp_nopush on;
+    tcp_nodelay on;
+    keepalive_timeout 65;
+    types_hash_max_size 2048;
+    
+    # MIME types
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+    
+    # Logging (relative to prefix directory)
+    access_log logs/access.log;
+    
+    # FastCGI upstream configuration
+    upstream fastcgi_backend {
+        server unix:/tmp/ginxsom-fcgi.sock;
+    }
+    
+    # Local development server
+    server {
+        listen 9001;
+        server_name localhost;
+        
+        # Root directory for blossom files (local blobs directory)
+        root blobs;
+        
+        # Maximum upload size (adjust as needed)
+        client_max_body_size 100M;
+        
+        # Security headers
+        add_header X-Content-Type-Options nosniff;
+        add_header X-Frame-Options DENY;
+        add_header X-XSS-Protection "1; mode=block";
+        
+        # Handle GET and HEAD requests for blob files - Blossom compliant
+        location ~ "^/([a-f0-9]{64}).*$" {
+            limit_except HEAD GET {
+                deny all;
+            }
+            
+            # Route HEAD requests to FastCGI via rewrite
+            if ($request_method = HEAD) {
+                rewrite ^/(.*)$ /fcgi-head/$1 last;
+            }
+            
+            # GET requests served directly with hash-only lookup
+            try_files /$1* =404;
+            
+            # Set appropriate headers for blobs
+            add_header Cache-Control "public, max-age=31536000, immutable";
+            add_header X-Content-Type-Options nosniff;
+            add_header X-Frame-Options DENY;
+            add_header X-XSS-Protection "1; mode=block";
+        }
+        
+        # FastCGI handler for HEAD requests
+        location ~ "^/fcgi-head/([a-f0-9]{64}).*$" {
+            internal;
+            fastcgi_pass fastcgi_backend;
+            fastcgi_param REQUEST_METHOD HEAD;
+            fastcgi_param REQUEST_URI /$1;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param QUERY_STRING $query_string;
+            fastcgi_param CONTENT_TYPE $content_type;
+            fastcgi_param CONTENT_LENGTH $content_length;
+            fastcgi_param SERVER_PROTOCOL $server_protocol;
+            fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
+            fastcgi_param REMOTE_ADDR $remote_addr;
+            fastcgi_param REMOTE_PORT $remote_port;
+            fastcgi_param SERVER_ADDR $server_addr;
+            fastcgi_param SERVER_PORT $server_port;
+            fastcgi_param SERVER_NAME $server_name;
+        }
+        
+        
+        # Health check endpoint
+        location /health {
+            access_log off;
+            return 200 "OK\n";
+            add_header Content-Type text/plain;
+        }
+        
+        # List files endpoint for debugging
+        location /debug/list {
+            autoindex on;
+            autoindex_format json;
+        }
+        
+        # Root redirect
+        location = / {
+            return 200 "Ginxsom Local Development Server\nTry: GET /<sha256>\nHealth: GET /health\n";
+            add_header Content-Type text/plain;
+        }
+    }
+}