Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
How to have nginx proxy_pass follow upstream 302 redirects (eg, when you're running a steam cache and you're behind Cox's layer 7 interception stuff)
# This config came around after a friend had problems with a Steam cache on his
# Cox internet connection. Cox would intercept any requests to Steam content
# servers and return a 302 to Cox's servers. The cache would return the 302
# to the Steam client, and the Steam client would go directly to Cox, bypassing
# the cache.
# This config makes nginx follow the 302 itself, and caches the result of the
# redirect as if it was the response to the original request. So subsequent
# requests to the URL that returned a 302 will get the file instead of a 302.
proxy_cache_path /cache keys_zone=steam:100m levels=1:2 inactive=100d max_size=1000g;
server {
listen 80;
charset utf-8;
client_max_body_size 75M;
# main cache block - when upstream responds with a 302, it's caught by
# error_page and passed off to the (nearly identical) @handle_redirects
location / {
proxy_pass http://web;
proxy_cache steam;
proxy_cache_key $uri;
proxy_cache_valid 200 206 3000h;
proxy_intercept_errors on;
error_page 301 302 307 = @handle_redirects;
}
location @handle_redirects {
#store the current state of the world so we can reuse it in a minute
# We need to capture these values now, because as soon as we invoke
# the proxy_* directives, these will disappear
set $original_uri $uri;
set $orig_loc $upstream_http_location;
# nginx goes to fetch the value from the upstream Location header
proxy_pass $orig_loc;
proxy_cache steam;
# But we store the result with the cache key of the original request URI
# so that future clients don't need to follow the redirect too
proxy_cache_key $original_uri;
proxy_cache_valid 200 206 3000h;
}
}
@croessner

This comment has been minimized.

Copy link

commented Feb 23, 2018

Thanks very much. This also works for Rspamd (https:/rspamd.com) -> proxy for phishtank maps. :-)

@sesong11

This comment has been minimized.

Copy link

commented Jun 14, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.