nginx.conf

2025-08-18 23:01:37 -04:00
parent 95ccb3a9c4
commit e8bac95aca
8 changed files with 5712 additions and 7 deletions
--- a/config/local-nginx.conf
+++ b/config/local-nginx.conf
@@ -2,7 +2,7 @@
 # This configuration serves files directly from the local repo directory

 # Main context - specify error log here to override system default
-error_log logs/error.log;
+error_log logs/error.log debug;
 pid logs/nginx.pid;

 events {
@@ -46,8 +46,8 @@ http {
        add_header X-Frame-Options DENY;
        add_header X-XSS-Protection "1; mode=block";
        
-        # Handle GET and HEAD requests for blob files - Blossom compliant
-        location ~ "^/([a-f0-9]{64}).*$" {
+        # Old working regex pattern - testing rollback
+        location ~ "^/([a-f0-9]{64})(\.[a-zA-Z0-9]+)?$" {
            limit_except HEAD GET {
                deny all;
            }
@@ -57,9 +57,11 @@ http {
                rewrite ^/(.*)$ /fcgi-head/$1 last;
            }
            
-            # GET requests served directly with hash-only lookup
-            try_files /$1* =404;
-            
+            # GET requests served directly with explicit file extensions
+            # try_files /$1 =404;
+            # try_files /$1.webp =404;
+            try_files /$1.pdf /$1.jpg /$1.jpeg /$1.png /$1.webp /$1.gif /$1.mp4 /$1.mp3 =404;
+        
            # Set appropriate headers for blobs
            add_header Cache-Control "public, max-age=31536000, immutable";
            add_header X-Content-Type-Options nosniff;
@@ -67,6 +69,33 @@ http {
            add_header X-XSS-Protection "1; mode=block";
        }
        
+        # Commented out problematic regex for reference
+        # location ~ "^/([a-f0-9]{64}).*$" {
+        #     limit_except HEAD GET {
+        #         deny all;
+        #     }
+        #     
+        #     # Debug headers to see what nginx is capturing
+        #     add_header X-Debug-Hash "$1" always;
+        #     add_header X-Debug-TryFiles "$1*" always;
+        #     add_header X-Debug-URI "$uri" always;
+        #     add_header X-Debug-Root "$document_root" always;
+        #     
+        #     # Route HEAD requests to FastCGI via rewrite
+        #     if ($request_method = HEAD) {
+        #         rewrite ^/(.*)$ /fcgi-head/$1 last;
+        #     }
+        #     
+        #     # GET requests served directly with hash-only lookup
+        #     try_files $1* =404;
+        #     
+        #     # Set appropriate headers for blobs
+        #     add_header Cache-Control "public, max-age=31536000, immutable";
+        #     add_header X-Content-Type-Options nosniff;
+        #     add_header X-Frame-Options DENY;
+        #     add_header X-XSS-Protection "1; mode=block";
+        # }
+        
        # FastCGI handler for HEAD requests
        location ~ "^/fcgi-head/([a-f0-9]{64}).*$" {
            internal;