svdgraaf/build

## build
$ ./configure --add-module=/home/svdgraaf/tmp/nginx/ngx_http_bytes_filter_module-57365655ee44 --with-http_geoip_module --add-module=/home/svdgraaf/tmp/nginx/ngx_secure_download

## nginx with geo ip, proxy and RANGE
http {
    include       mime.types;
    default_type  application/octet-stream;

    # location of the GeoIP data file, get it from
    # http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz
    geoip_country  /home/svdgraaf/tmp/GeoIP.dat;

    log_format  main  '$remote_addr :: $geoip_country_code :: $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

 proxy_cache_path  /tmp         levels=1:2    keys_zone=STATIC:10m inactive=24h  max_size=1g;

    server {
        listen       80;
        server_name  localhost;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        # example url: /g/NL/m1fznq9f7qnd.flv/dc853451170312f7ab4bbfd9cde6f7c1/4c975926
        location ~* /g/(..)/.* {
                set $req_country $1;

                log_format  extra  '$remote_addr :: $geoip_country_code :: $req_country :: $remote_user [$time_local] "$request" '
                                  '$status $body_bytes_sent "$http_referer" '
                                  '"$http_user_agent" "$http_x_forwarded_for"';

                access_log  logs/access.log  extra;


                secure_download on;
                secure_download_secret 'xyz';
                secure_download_path_mode file;
                if ($secure_download = "-1") {
                        rewrite /expired.html break;
                }
                if ($secure_download = "-2") {
                        rewrite /bad_hash.html break;
                }
                if ($secure_download = "-3") {
                        return 500;
                }

                if ($geoip_country_code = $req_country) {
                        rewrite ^/g/(.+)/(.*)/[0-9a-zA-Z]*/[0-9a-zA-Z]*$ /m/$2 break;
                        proxy_pass http://media.zie.nl;
                }
                return 403;
        }
}

## secure.php
<?php

// media id
$filename = 'm1fznq9f7qnd.flv';
$dir = '/g/';

// which country should be allowed?
$country = 'NL';

// private key, this is defined in the nginx.conf
$private = 'xyz';

// timestamp to hex, 30 minute access
$timestamp = dechex(time() + 60*30);

// define the secred
$secret = "{$dir}{$country}/{$filename}/{$private}/{$timestamp}";
$hash = md5($secret);

// this is the end url, eg: http://62.69.161.100/g/NL/m1fznq9f7qnd.flv/dc853451170312f7ab4bbfd9cde6f7c1/4c975926
$url = "http://62.69.161.100{$dir}{$country}/{$filename}/{$hash}/{$timestamp}";

echo "<h1>Geo code for {$country}, {$filename}</h1>";
echo "<h2>Secret: {$secret}</h2>";
echo "<a href='{$url}'>{$url}</a>";
?>
	http {
	include mime.types;
	default_type application/octet-stream;

	# location of the GeoIP data file, get it from
	# http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz
	geoip_country /home/svdgraaf/tmp/GeoIP.dat;

	log_format main '$remote_addr :: $geoip_country_code :: $remote_user [$time_local] "$request" '
	'$status $body_bytes_sent "$http_referer" '
	'"$http_user_agent" "$http_x_forwarded_for"';

	access_log logs/access.log main;

	sendfile on;
	#tcp_nopush on;

	#keepalive_timeout 0;
	keepalive_timeout 65;

	#gzip on;

	proxy_cache_path /tmp levels=1:2 keys_zone=STATIC:10m inactive=24h max_size=1g;

	server {
	listen 80;
	server_name localhost;

	#charset koi8-r;

	#access_log logs/host.access.log main;

	# example url: /g/NL/m1fznq9f7qnd.flv/dc853451170312f7ab4bbfd9cde6f7c1/4c975926
	location ~* /g/(..)/.* {
	set $req_country $1;

	log_format extra '$remote_addr :: $geoip_country_code :: $req_country :: $remote_user [$time_local] "$request" '
	'$status $body_bytes_sent "$http_referer" '
	'"$http_user_agent" "$http_x_forwarded_for"';

	access_log logs/access.log extra;


	secure_download on;
	secure_download_secret 'xyz';
	secure_download_path_mode file;
	if ($secure_download = "-1") {
	rewrite /expired.html break;
	}
	if ($secure_download = "-2") {
	rewrite /bad_hash.html break;
	}
	if ($secure_download = "-3") {
	return 500;
	}

	if ($geoip_country_code = $req_country) {
	rewrite ^/g/(.+)/(.)/[0-9a-zA-Z]/[0-9a-zA-Z]*$ /m/$2 break;
	proxy_pass http://media.zie.nl;
	}
	return 403;
	}
	}
	<?php

	// media id
	$filename = 'm1fznq9f7qnd.flv';
	$dir = '/g/';

	// which country should be allowed?
	$country = 'NL';

	// private key, this is defined in the nginx.conf
	$private = 'xyz';

	// timestamp to hex, 30 minute access
	$timestamp = dechex(time() + 60*30);

	// define the secred
	$secret = "{$dir}{$country}/{$filename}/{$private}/{$timestamp}";
	$hash = md5($secret);

	// this is the end url, eg: http://62.69.161.100/g/NL/m1fznq9f7qnd.flv/dc853451170312f7ab4bbfd9cde6f7c1/4c975926
	$url = "http://62.69.161.100{$dir}{$country}/{$filename}/{$hash}/{$timestamp}";

	echo "<h1>Geo code for {$country}, {$filename}</h1>";
	echo "<h2>Secret: {$secret}</h2>";
	echo "<a href='{$url}'>{$url}</a>";
	?>