- TileServer-GL + nginx reverse proxy (docker-compose) - CORS-Konfiguration für MediaWiki, Nextcloud & weitere Dienste - Rate-Limiting & Tile-Caching-Header via nginx - config/config.json: OSM + Satellitenkacheln - scripts/download-data.sh: Planetiler (OSM), Sentinel-2 Hinweise - docs: API-Endpoints, MediaWiki Kartographer, Nextcloud Maps - .gitignore: MBTiles/PMTiles und .env ausgeschlossen
53 lines
1.8 KiB
Nginx Configuration File
53 lines
1.8 KiB
Nginx Configuration File
worker_processes auto;
|
||
events { worker_connections 1024; }
|
||
|
||
http {
|
||
include mime.types;
|
||
default_type application/octet-stream;
|
||
sendfile on;
|
||
keepalive_timeout 65;
|
||
|
||
# Rate limiting – schützt vor Missbrauch durch externe Dienste
|
||
limit_req_zone $binary_remote_addr zone=tiles:10m rate=100r/s;
|
||
|
||
server {
|
||
listen 80;
|
||
server_name _;
|
||
|
||
# CORS für alle Clients (MediaWiki, Nextcloud, etc.)
|
||
include /etc/nginx/cors.conf;
|
||
|
||
location / {
|
||
limit_req zone=tiles burst=200 nodelay;
|
||
|
||
proxy_pass http://tileserver:8080;
|
||
proxy_set_header Host $host;
|
||
proxy_set_header X-Real-IP $remote_addr;
|
||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||
proxy_set_header X-Forwarded-Proto $scheme;
|
||
|
||
# Tile-Caching-Header
|
||
proxy_hide_header Cache-Control;
|
||
add_header Cache-Control "public, max-age=86400, stale-while-revalidate=3600";
|
||
|
||
# CORS-Header (aus cors.conf)
|
||
add_header Access-Control-Allow-Origin "*" always;
|
||
add_header Access-Control-Allow-Methods "GET, OPTIONS" always;
|
||
add_header Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept" always;
|
||
}
|
||
|
||
# CORS Preflight
|
||
location ~* \.(pbf|png|jpg|json)$ {
|
||
if ($request_method = OPTIONS) {
|
||
add_header Access-Control-Allow-Origin "*";
|
||
add_header Access-Control-Allow-Methods "GET, OPTIONS";
|
||
add_header Access-Control-Max-Age 86400;
|
||
return 204;
|
||
}
|
||
|
||
proxy_pass http://tileserver:8080;
|
||
add_header Access-Control-Allow-Origin "*" always;
|
||
add_header Cache-Control "public, max-age=86400";
|
||
}
|
||
}
|
||
}
|