jpluscplusm/Curl request

## Curl request
# This is a request *directly* to the AAA/intelligent HTTPd, to demonstrate the additional response headers required to force the reproxy:
X-Reproxy-Uri, X-Reproxy-Host and X-Accel-Redirect.

jcm@austin:~/src/sinatra/nginx-test$ curl -v http://api-origin-server.mywebsite.internal/test
* About to connect() to 1.2.3.4 port 80 (#0)
* Trying 1.2.3.4... connected
* Connected to 1.2.3.4 (1.2.3.4) port 80 (#0)
> GET /test HTTP/1.1
> User-Agent: curl/7.21.0 (x86_64-pc-linux-gnu) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.18
> Host: 1.2.3.4
> Accept: */*
>
1.2.3.4 - - [10/Jan/2012 14:50:11] "GET /test HTTP/1.1" 200 - 0.0005
< HTTP/1.1 200 OK
< X-Accel-Redirect: /reproxy/
< Connection: Keep-Alive
< Content-Type: text/html;charset=utf-8
< Date: Tue, 10 Jan 2012 14:50:11 GMT
< Server: WEBrick/1.3.1 (Ruby/1.8.7/2010-06-23)
< X-Reproxy-Uri: http://my-content-backend.mywebsite.internal/foo/bar
< X-Reproxy-Host: my-content-backend.mywebsite.internal
< Content-Length: 0
<

## nginx-snippet.conf
server {
  listen 8080;
  server_name api.mywebsite.com;
  # This doesn't inherit from the OS for some Russian reason ...
  resolver 10.0.10.1;

  # Route the first (AAA/intelligent/biz-logic-y) request here.
  location / {
    proxy_set_header Host $http_host;
    proxy_pass http://api-origin-server.mywebsite.internal;
  }

  # Route the second data/dumb/offload request here.
  # NB This path prefix will never be directly callable by external consumers.
  # There's no security risk, but probably make sure it's a reserved prefix.
  location /reproxy/ { internal;

    # don't let nginx act as sink for slow clients
    proxy_max_temp_file_size 0;

    # "set"s are needed due to module ordering (or something).
    # Without them, Host: doesn't get sent to the 2nd origin.
    # I.e. they can't be optimised away
    set $reproxy_http_host $upstream_http_x_reproxy_host;
    set $reproxy_uri $upstream_http_x_reproxy_uri;

    # Inherit the Content-Type header (i.e. if the AAA server knows best)
    proxy_hide_header Content-Type;
    proxy_set_header Host $reproxy_http_host;
    proxy_pass $reproxy_uri;
  }
}
	# This is a request directly to the AAA/intelligent HTTPd, to demonstrate the additional response headers required to force the reproxy:
	X-Reproxy-Uri, X-Reproxy-Host and X-Accel-Redirect.

	jcm@austin:~/src/sinatra/nginx-test$ curl -v http://api-origin-server.mywebsite.internal/test
	* About to connect() to 1.2.3.4 port 80 (#0)
	* Trying 1.2.3.4... connected
	* Connected to 1.2.3.4 (1.2.3.4) port 80 (#0)
	> GET /test HTTP/1.1
	> User-Agent: curl/7.21.0 (x86_64-pc-linux-gnu) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.18
	> Host: 1.2.3.4
	> Accept: /
	>
	1.2.3.4 - - [10/Jan/2012 14:50:11] "GET /test HTTP/1.1" 200 - 0.0005
	< HTTP/1.1 200 OK
	< X-Accel-Redirect: /reproxy/
	< Connection: Keep-Alive
	< Content-Type: text/html;charset=utf-8
	< Date: Tue, 10 Jan 2012 14:50:11 GMT
	< Server: WEBrick/1.3.1 (Ruby/1.8.7/2010-06-23)
	< X-Reproxy-Uri: http://my-content-backend.mywebsite.internal/foo/bar
	< X-Reproxy-Host: my-content-backend.mywebsite.internal
	< Content-Length: 0
	<
	server {
	listen 8080;
	server_name api.mywebsite.com;
	# This doesn't inherit from the OS for some Russian reason ...
	resolver 10.0.10.1;

	# Route the first (AAA/intelligent/biz-logic-y) request here.
	location / {
	proxy_set_header Host $http_host;
	proxy_pass http://api-origin-server.mywebsite.internal;
	}

	# Route the second data/dumb/offload request here.
	# NB This path prefix will never be directly callable by external consumers.
	# There's no security risk, but probably make sure it's a reserved prefix.
	location /reproxy/ { internal;

	# don't let nginx act as sink for slow clients
	proxy_max_temp_file_size 0;

	# "set"s are needed due to module ordering (or something).
	# Without them, Host: doesn't get sent to the 2nd origin.
	# I.e. they can't be optimised away
	set $reproxy_http_host $upstream_http_x_reproxy_host;
	set $reproxy_uri $upstream_http_x_reproxy_uri;

	# Inherit the Content-Type header (i.e. if the AAA server knows best)
	proxy_hide_header Content-Type;
	proxy_set_header Host $reproxy_http_host;
	proxy_pass $reproxy_uri;
	}
	}