agw/overleaf-cep
1
0
Fork 0
mirror of https://github.com/yu-i-i/overleaf-cep.git synced 2026-05-30 12:24:25 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
ae0f6b66ea7dcec7a330c260fe6b645bd3f5cfde
overleaf-cep/services/clsi/nginx.conf
Jakob Ackermann 6c6e8d9a97 [monorepo] switch all output file reads to clsi-nginx (#31691) 
* [monorepo] switch all output file reads to clsi-nginx

* [clsi-lb] allow gallery download requests

* [terraform] clsi: use nginx.conf from clsi service

* [clsi] fix flakey tests

* [clsi] replace alias with rewrite and root in nginx config

* [k8s] clsi-lb: expose download port on internal service

* [web] add explicit endpoint for downloading all output files

Serve the output.zip endpoint from clsi.

* [clsi] fix regex for latexqc submission ids

Previously, we only handled template submission ids.

GitOrigin-RevId: 6c3b21b01ec41ae767530b14aac31fbe3d640dd5
2026-02-24 09:07:12 +00:00

113 lines
3.5 KiB
Nginx Configuration File
Raw Blame History

# keep in sync with server-ce/nginx/clsi-nginx.conf
server {
add_header 'X-Served-By' 'clsi-nginx' always;
listen 8080;
server_name clsi-nginx;
server_tokens off;
access_log off;
# Ignore symlinks possibly created by users
disable_symlinks on;
# enable compression for tex auxiliary files, but not for pdf files
gzip on;
gzip_types text/plain;
gzip_proxied any;
types {
text/plain log blg aux stdout stderr;
application/pdf pdf;
}
# user content domain access check
# The project-id is zero prefixed. No actual user project uses these ids.
# mongo-id 000000000000000000000000 -> 1970-01-01T00:00:00.000Z
# mongo-id 000000010000000000000000 -> 1970-01-01T00:00:01.000Z
# mongo-id 100000000000000000000000 -> 1978-07-04T21:24:16.000Z
# This allows us to distinguish between check-traffic and regular output traffic.
location ~ ^/project/0([0-9a-f]+)/user/([0-9a-f]+)/build/([0-9a-f-]+)/output/output\.pdf$ {
if ($request_method = 'OPTIONS') {
# handle OPTIONS method for CORS requests
add_header 'Allow' 'GET,HEAD';
return 204;
}
alias /var/clsi/tiny.pdf;
}
location ~ ^/project/0([0-9a-f]+)/build/([0-9a-f-]+)/output/output\.pdf$ {
if ($request_method = 'OPTIONS') {
# handle OPTIONS method for CORS requests
add_header 'Allow' 'GET,HEAD';
return 204;
}
alias /var/clsi/tiny.pdf;
}
# handle output files for specific users
location ~ ^/project/([0-9a-f]+)/user/([0-9a-f]+)/build/([0-9a-f-]+)/output/(.+)$ {
if ($request_method = 'OPTIONS') {
# handle OPTIONS method for CORS requests
add_header 'Allow' 'GET,HEAD';
return 204;
}
rewrite ^/project/([0-9a-f]+)/user/([0-9a-f]+)/build/([0-9a-f-]+)/output/(.+)$ /$4 break;
root /output/$1-$2/generated-files/$3/;
}
# handle output files for anonymous users
location ~ ^/project/([0-9a-f]+)/build/([0-9a-f-]+)/output/(.+)$ {
if ($request_method = 'OPTIONS') {
# handle OPTIONS method for CORS requests
add_header 'Allow' 'GET,HEAD';
return 204;
}
rewrite ^/project/([0-9a-f]+)/build/([0-9a-f-]+)/output/(.+)$ /$3 break;
root /output/$1/generated-files/$2/;
}
# handle output files for submissions
location ~ ^/project/([a-z0-9_-]+)/build/([0-9a-f-]+)/output/(.+)$ {
if ($request_method = 'OPTIONS') {
# handle OPTIONS method for CORS requests
add_header 'Allow' 'GET,HEAD';
return 204;
}
rewrite ^/project/([a-z0-9_-]+)/build/([0-9a-f-]+)/output/(.+)$ /$3 break;
root /output/$1/generated-files/$2/;
}
# PDF range for specific users
location ~ ^/project/([0-9a-f]+)/user/([0-9a-f]+)/content/([0-9a-f-]+/[0-9a-f]+)$ {
if ($request_method = 'OPTIONS') {
# handle OPTIONS method for CORS requests
add_header 'Allow' 'GET,HEAD';
return 204;
}
# Cache for one day
expires 1d;
alias /output/$1-$2/content/$3;
}
# PDF range for anonymous users
location ~ ^/project/([0-9a-f]+)/content/([0-9a-f-]+/[0-9a-f]+)$ {
if ($request_method = 'OPTIONS') {
# handle OPTIONS method for CORS requests
add_header 'Allow' 'GET,HEAD';
return 204;
}
# Cache for one day
expires 1d;
alias /output/$1/content/$2;
}
# status endpoint for haproxy httpchk option
location /status {
return 200;
}
# load shedding probe
location = /instance-state {
alias /var/clsi/instance-state;
}
# Do not look up any non matching files in the default root.
location / {
return 404;
}
}
Reference in New Issue View Git Blame Copy Permalink