rd13_tile_server/nginx/nginx.conf

54 lines
1.8 KiB
Nginx Configuration File
Raw Normal View History

worker_processes auto;
events { worker_connections 1024; }
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
# Rate limiting schützt vor Missbrauch durch externe Dienste
limit_req_zone $binary_remote_addr zone=tiles:10m rate=100r/s;
server {
listen 80;
server_name _;
# CORS für alle Clients (MediaWiki, Nextcloud, Home Assistant, etc.)
include /etc/nginx/cors.conf;
location / {
limit_req zone=tiles burst=200 nodelay;
proxy_pass http://tileserver:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Tile-Caching-Header
proxy_hide_header Cache-Control;
add_header Cache-Control "public, max-age=86400, stale-while-revalidate=3600";
# CORS-Header (aus cors.conf)
add_header Access-Control-Allow-Origin "*" always;
add_header Access-Control-Allow-Methods "GET, OPTIONS" always;
add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept" always;
}
# CORS Preflight
location ~* \.(pbf|png|jpg|json)$ {
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin "*";
add_header Access-Control-Allow-Methods "GET, OPTIONS";
add_header Access-Control-Max-Age 86400;
return 204;
}
proxy_pass http://tileserver:8080;
add_header Access-Control-Allow-Origin "*" always;
add_header Cache-Control "public, max-age=86400";
}
}
}