Skip to content

Instantly share code, notes, and snippets.

@JAndritsch
Created March 5, 2013 00:12
Show Gist options
  • Save JAndritsch/5086894 to your computer and use it in GitHub Desktop.
Save JAndritsch/5086894 to your computer and use it in GitHub Desktop.
upstream some_app_server {
server 127.0.0.1:9393;
}
server {
listen 80;
server_name my-upload-endpoint.com ;
# Note that these settings are custom to this example and can be modified.
# Use caution when doing this, however. You should specify a client_body_buffer_size
# of less than the size of your file chunks. If so, you will experience some performance
# issues.
client_max_body_size 4G;
client_body_buffer_size 1024k;
root /home/path/to/your_site;
try_files $uri/index.html $uri @fast_upload_endpoint;
# this block restricts upload requests to a specific domain
if ($host !~* ^(localhost) ) {
}
location = /uploads {
# For CORS
if ($request_method = OPTIONS) {
add_header Pragma no-cache;
add_header X-Content-Type-Options nosniff;
# Access control for CORS
add_header Access-Control-Allow-Origin "http://www.somesite.com";
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
add_header Access-Control-Allow-Headers "cache-control, content-range, accept, origin, session-id, content-disposition, x-requested-with, content-type, content-description, referer, user-agent";
add_header Access-Control-Allow-Credentials "true";
# 10 minute pre-flight approval
add_header Access-Control-Max-Age 600;
return 204;
}
if ($request_method = POST) {
add_header Pragma no-cache;
add_header X-Content-Type-Options nosniff;
#add_header Cache-control "no-story, no-cache, must-revalidate";
# Access control for CORS
add_header Access-Control-Allow-Origin "http://www.somesite.com";
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
add_header Access-Control-Allow-Headers "cache-control, content-range, accept, origin, session-id, content-disposition, x-requested-with, content-type, content-description, referer, user-agent";
add_header Access-Control-Allow-Credentials "true";
# 10 minute pre-flight approval
add_header Access-Control-Max-Age 600;
# Headers specifically for the upload module
upload_add_header Access-Control-Allow-Origin "http://www.somesite.com";
upload_add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
upload_add_header Access-Control-Allow-Credentials "true";
upload_add_header Access-Control-Allow-Headers "cache-control, content-range, accept, origin, session-id, content-disposition, x-requested-with, content-type, content-description, referer, user-agent";
# Set specified fields in request body
# This puts the original filename, new path+filename and content type
# in the requests params
upload_set_form_field $upload_field_name.name "$upload_file_name";
upload_set_form_field $upload_field_name.content_type "$upload_content_type";
upload_set_form_field $upload_field_name.path "$upload_tmp_path";
upload_pass_form_field "^X-Progress-ID$|^authenticity_token$";
upload_cleanup 400 404 499 500-505;
}
upload_pass @fast_upload_endpoint;
# Where you want the uploads to go. Note that the "1" in this instance is a placeholder
# that will map automatically to a folder in the directory specified. The upload module
# knows which folder to choose based on the last character in the sessionID. The sessionID
# we generate is done by blueimp, and nginx uses that sessionID for the uploaded file's name.
# If the filename ends with "g", then you would expect to see the file in the /var/uploads/g
# folder.
# To ensure that your uploads go where you expect them, you should create a single folder for
# every alphanumeric (a-zA-Z0-9).
upload_store /var/uploads 1;
# The upload_state folder is where your .state files will live. These files are used to track
# the progress of chunked uploads. Note that you do not need a "1" here, as they all go into
# the same folder.
upload_state_store /var/upload_state;
# set permissions on the uploaded files
upload_store_access user:rw group:rw all:r;
}
location @fast_upload_endpoint {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass_header 'Access-Control-Allow-Origin';
proxy_pass http://some_app_server;
}
}
@deweydb
Copy link

deweydb commented Jun 13, 2015

Am i missing something obvious? or is this file incorrect? it seems without the:
upload_resumable on;
directive, i just get 415 server errors.

@F-3r
Copy link

F-3r commented Jun 19, 2015

@deweydb yes! Thanks!
Also, I think the uploads will fail unless the destination dirs under /var/uploads do not exist.

@shimaooo
Copy link

I got an error: nginx: [emerg] unknown directive "upload_add_header" in ....conf

@jeremiah
Copy link

I got an error: nginx: [emerg] unknown directive "upload_add_header" in ....conf

Me too.

@JAndritsch
Copy link
Author

Wow, what a blast from the past! I wouldn't trust any of the config shown here. I wrote this 8 years ago. It worked then, but probably doesn't now.

@darkvovich
Copy link

upload_add_header

Me too. Because NGINX Upload Module is external paid lib.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment