fix: nginx config changes for prod (#9919)

conf/nginx/conf.d/expires-no-json-xml.conf

@@ -0,0 +1 @@
+../snippets/expires-no-json-xml.conf

conf/nginx/sites-available/howmuchsugar

@@ -11,7 +11,7 @@ map $howmuchsugar_name $howmuchsugar_lang {
 	combiendesucres fr;
 }
 
-include /etc/nginx/snippets/expires-no-json-xml.conf;
+# variables definitions for expiry headers are loaded from /etc/nginx/conf.d/expires-no-json-xml.conf
 
 log_format proxied_requests2
   '$http_x_forwarded_for - $remote_user [$time_local] '
@@ -36,19 +36,19 @@ server {
 	index index.html index.htm index.nginx-debian.html;
 
 	location ~* \.(eot|ttf|woff|woff2)$ {
-		include /etc/nginx/snippets/expiry-headers.conf;
+		include snippets/expiry-headers.include;
 		add_header Access-Control-Allow-Origin *;
 	}
 
 	location ~ ^/(favicon.ico) {
-		include /etc/nginx/snippets/expiry-headers.conf;
+		include snippets/expiry-headers.include;
 		# First attempt to serve request as file, then
 		# as directory, then fall back to displaying a 404.
 		try_files $howmuchsugar_name-favicon.ico =404;
 	}
 
 	location ~ ^/(.well-known|images|js|rss|data|files|resources|foundation)/ {
-		include /etc/nginx/snippets/expiry-headers.conf;
+		include snippets/expiry-headers.include;
 		# First attempt to serve request as file, then
 		# as directory, then fall back to displaying a 404.
 		try_files $uri $uri/ =404;
@@ -59,13 +59,13 @@ server {
 	}
 
 	location ~ ^/$ {
-		include /etc/nginx/snippets/expires-no-json-xml.conf;
+		include snippets/expiry-headers.include;
 		try_files $uri /$howmuchsugar_name.html;
 	}
 
 	# redirect to .html files
 	location / {
-		include /etc/nginx/snippets/expires-no-json-xml.conf;
+		include snippets/expiry-headers.include;
 		try_files $uri $uri.html =404;
 	}
 

conf/nginx/sites-available/madenearme

@@ -7,7 +7,7 @@ map $host $madenearme_name {
 
 }
 
-include /etc/nginx/snippets/expires-no-json-xml.conf;
+# variables definitions for expiry headers are loaded from /etc/nginx/conf.d/expires-no-json-xml.conf
 
 server {
 	listen 80;
@@ -28,27 +28,27 @@ server {
 
 	location ~* \.(eot|ttf|woff|woff2)$ {
 		add_header Access-Control-Allow-Origin *;
-		include /etc/nginx/snippets/expires-no-json-xml.conf;
+		include snippets/expiry-headers.include;
 	}
 
 	location ~ ^/images/products/ {
 		add_header Link "<http://creativecommons.org/licenses/by-sa/3.0/>; rel='license'; title='CC-BY-SA 3.0'";
-		include /etc/nginx/snippets/expires-no-json-xml.conf;
+		include snippets/expiry-headers.include;
 	}
 
 	location ~ ^/(favicon.ico) {
 		# First attempt to serve request as file, then
 		# as directory, then fall back to displaying a 404.
 		try_files $uri /images/misc/$madenearme_name.16x16.png;
-		include /etc/nginx/snippets/expires-no-json-xml.conf;
+		include snippets/expiry-headers.include;
 	}
 
 
 	location ~ ^/(.well-known|images|js|rss|data|files|resources|foundation)/ {
 		# First attempt to serve request as file, then
 		# as directory, then fall back to displaying a 404.
 		try_files $uri $uri/ =404;
-		include /etc/nginx/snippets/expires-no-json-xml.conf;
+		include snippets/expiry-headers.include;
 	}
 
 	location = /robots.txt {
@@ -57,7 +57,7 @@ server {
 
 	location / {
 		try_files $uri /data/$madenearme_name.html;
-		include /etc/nginx/snippets/expires-no-json-xml.conf;
+		include snippets/expiry-headers.include;
 	}
 
 }

conf/nginx/sites-available/off

@@ -13,9 +13,7 @@ server {
 	}
 }
 
-# variables definitions for expiry headers
-include /etc/nginx/snippets/expires-no-json-xml.conf;
-
+# variables definitions for expiry headers are loaded from /etc/nginx/conf.d/expires-no-json-xml.conf
 
 server {
 
@@ -32,9 +30,10 @@ server {
 	client_body_timeout 120s;
 	client_header_timeout 120s;
 
-	# logs location
-	access_log /var/log/nginx/${productopener_access_file_prefix}off-access.log proxied_requests buffer=256K flush=1s;
-	error_log /var/log/nginx/off-error.log;
+	# logs location: default is static-off, will be changed to proxy-off
+	# for requests passed to Apache
+	access_log /var/log/nginx/static-off-access.log proxied_requests buffer=256K flush=1s;
+	error_log /var/log/nginx/static-off-error.log;
 
 	# some redirection for specific subdomains
 	include snippets/off.domain-redirects.include;
@@ -45,14 +44,6 @@ server {
 
 	index index.html index.htm index.nginx-debian.html;
 
-	location /data/ {
-        include snippets/off.cors-headers.include;
-		include snippets/expiry-headers.include;
-		# First attempt to serve request as file, then
-		# as directory, then fall back to displaying a 404.
-		try_files $uri $uri/ =404;
-	}
-
 	location ~ ^/images/products/ {
 		include snippets/off.cors-headers.include;
 		include snippets/expiry-headers.include;
@@ -72,12 +63,6 @@ server {
 	try_files /1.json = 404;
 	}
 
-	location ~ ^/(favicon.ico) {
-		# First attempt to serve request as file, then
-		# as directory, then fall back to displaying a 404.
-		try_files $uri $uri/ =404;
-	}
-
 	# Static files are served directly by NGINX
 
 	location ~ ^/(favicon.ico) {
@@ -87,7 +72,7 @@ server {
 	}
 
 	# Static files are served directly by NGINX
-	location ~ ^/(.well-known|files)/ {
+	location ~ ^/(.well-known|files|data|exports|dump)/ {
 		include snippets/off.cors-headers.include;
 		include snippets/expiry-headers.include;
 		# First attempt to serve request from resource, then as file,
@@ -96,7 +81,7 @@ server {
 		gzip_static always;
 		gunzip on;
 	}
-	location ~ ^/(images|fonts|css|js|rss|foundation|bower_components)/ {
+	location ~ ^/(images|fonts|css|js|donate|resources)/ {
 		include snippets/off.cors-headers.include;
 		include snippets/expiry-headers.include;
 		# First attempt to serve request as file, off_web_html acting as an override,
@@ -116,7 +101,6 @@ server {
 	location = /.well-known/assetlinks.json {
 		include snippets/off.cors-headers.include;
 		include snippets/expiry-headers.include;
-		expires 1d;
 		try_files $uri =404;
 	}
 
@@ -131,6 +115,8 @@ server {
 		# recursive hosts as we are proxying behind a proxy
 		set_real_ip_from 10.0.0.0/8;
 		real_ip_recursive on;
+	        access_log /var/log/nginx/proxy-off-access.log proxied_requests buffer=256K flush=1s;
+	        error_log /var/log/nginx/proxy-off-error.log;
 
 		proxy_pass http://127.0.0.1:8004/cgi/display.pl?;
 	}
@@ -140,6 +126,8 @@ server {
 		# recursive hosts as we are proxying behind a proxy
 		set_real_ip_from 10.0.0.0/8;
 		real_ip_recursive on;
+	        access_log /var/log/nginx/proxy-off-access.log proxied_requests buffer=256K flush=1s;
+	        error_log /var/log/nginx/proxy-off-error.log;
 
 		proxy_pass http://127.0.0.1:8004;
 	}

conf/nginx/sites-available/off-pro

@@ -13,7 +13,7 @@ server {
 	}
 }
 
-include /etc/nginx/snippets/expires-no-json-xml.conf;
+# variables definitions for expiry headers are loaded from /etc/nginx/conf.d/expires-no-json-xml.conf
 
 server {
 
@@ -36,23 +36,17 @@ server {
 	send_timeout                1200;
 
 	# logs location
-	access_log /var/log/nginx/${productopener_access_file_prefix}off-access.log proxied_requests;
-	error_log /var/log/nginx/off-error.log;
+	# logs location: default is static-off, will be changed to proxy-off
+	# for requests passed to Apache
+	access_log /var/log/nginx/static-off-access.log proxied_requests buffer=256K flush=1s;
+	error_log /var/log/nginx/static-off-error.log;
 
 	gzip on;
 	gzip_min_length 1000;
 	gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript text/csv;
 
 	index index.html index.htm index.nginx-debian.html;
 
-	location /data/ {
-        include snippets/off.cors-headers.include;
-		include snippets/expiry-headers.include;
-		# First attempt to serve request as file, then
-		# as directory, then fall back to displaying a 404.
-		try_files $uri $uri/ =404;
-	}
-
 	location ~ ^/images/products/ {
 		include snippets/off.cors-headers.include;
 		include snippets/expiry-headers.include;
@@ -69,7 +63,7 @@ server {
 	}
 
 	# Static files are served directly by NGINX
-	location ~ ^/(.well-known|files)/ {
+	location ~ ^/(.well-known|files|data|exports|dump)/ {
 		include snippets/off.cors-headers.include;
 		include snippets/expiry-headers.include;
 		# First attempt to serve request from resource, then as file,
@@ -78,7 +72,7 @@ server {
 		gzip_static always;
 		gunzip on;
 	}
-	location ~ ^/(images|fonts|css|js|rss|foundation|bower_components)/ {
+	location ~ ^/(images|fonts|css|js|donate|resources)/ {
 		include snippets/off.cors-headers.include;
 		include snippets/expiry-headers.include;
 		# First attempt to serve request as file, off_web_html acting as an override,
@@ -97,6 +91,8 @@ server {
 		# recursive hosts as we are proxying behind a proxy
 		set_real_ip_from 10.0.0.0/8;
 		real_ip_recursive on;
+		access_log /var/log/nginx/proxy-off-access.log proxied_requests buffer=256K flush=1s;
+	        error_log /var/log/nginx/proxy-off-error.log;
 
 		proxy_pass http://127.0.0.1:8014/cgi/display.pl?;
 	}
@@ -106,6 +102,8 @@ server {
 		# recursive hosts as we are proxying behind a proxy
 		set_real_ip_from 10.0.0.0/8;
 		real_ip_recursive on;
+		access_log /var/log/nginx/proxy-off-access.log proxied_requests buffer=256K flush=1s;
+	        error_log /var/log/nginx/proxy-off-error.log;
 
 		proxy_pass http://127.0.0.1:8014;
 	}

conf/nginx/snippets/expires-no-json-xml.conf

@@ -30,17 +30,6 @@ map $uri $productopener_is_public_cache {
   "~*\.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc|ico)$" public;
 }
 
-map $uri $productopener_access_file_prefix {
-	default "";
-	# Media: images, icons, video, audio, HTC
-	"~*\.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$" "static-";
-	# CSS and Javascript
-	"~*\.(?:css|js)$" "static-";
-	# Web Fonts
-	"~*\.(?:ttf|ttc|otf|eot|woff|woff2)$" "static-";
-}
-
-
 # # cache.appcache, your document html and data
 # location ~* \.(?:manifest|appcache|html?)$ {
 #   expires -1;