Skip to content

Instantly share code, notes, and snippets.

@misostack
Forked from benjaminbarbe/README.md
Created February 13, 2021 09:09
Show Gist options
  • Save misostack/a814db131db42f16d6335074e2889d9d to your computer and use it in GitHub Desktop.
Save misostack/a814db131db42f16d6335074e2889d9d to your computer and use it in GitHub Desktop.
Nginx proxy to S3 with caching
location ~* ^/s3/(.*) {
proxy_cache static;
proxy_cache_valid 200 24h;
proxy_hide_header x-amz-id-2;
proxy_hide_header x-amz-request-id;
proxy_hide_header Set-Cookie;
proxy_ignore_headers Set-Cookie;
set $bucket '<REPLACE WITH YOUR S3 BUCKET NAME>';
set $aws_access '<REPLACE WITH YOUR AWS ACCESS KEY>';
set $aws_secret '<REPLACE WITH YOUR AWS SECRET KEY>';
set $url_full "$1";
set_by_lua $now "return ngx.cookie_time(ngx.time())";
set $string_to_sign "GET\n\n\n\nx-amz-date:${now}\n/$bucket/$url_full";
set_hmac_sha1 $aws_signature $aws_secret $string_to_sign;
set_encode_base64 $aws_signature $aws_signature;
proxy_http_version 1.1;
proxy_set_header Host $bucket.s3.amazonaws.com;
proxy_set_header x-amz-date $now;
proxy_set_header Authorization "AWS $aws_access:$aws_signature";
# proxy_buffering off;
proxy_intercept_errors on;
rewrite .* /$url_full break;
proxy_pass http://s3.amazonaws.com;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment