1 #config cache size and path to the cache directory, you should make sure that the user that is running nginx have permissions to access the cache directory
2 #max_size means that Nginx will not cache more than 20G, It should be tuned to a larger number if the /data/cache is bigger
3 proxy_cache_path /data/cache levels=2:2:2 keys_zone=mycache:999m max_size=20G inactive=1d use_temp_path=off;
5 # List of all rgws (ips or resolvable names)
6 server rgw1:8000 max_fails=2 fail_timeout=5s;
7 server rgw2:8000 max_fails=2 fail_timeout=5s;
8 server rgw3:8000 max_fails=2 fail_timeout=5s;
13 location /authentication {
15 client_max_body_size 0;
16 proxy_pass http://rgws$request_uri;
17 proxy_pass_request_body off;
18 proxy_set_header Host $host;
19 # setting x-rgw-auth allow the RGW the ability to only authorize the request without fetching the obj data
20 proxy_set_header x-rgw-auth "yes";
21 proxy_set_header Authorization $http_authorization;
22 proxy_http_version 1.1;
23 proxy_method $request_method;
24 # Do not convert HEAD requests into GET requests
25 proxy_cache_convert_head off;
26 error_page 404 = @outage;
27 proxy_intercept_errors on;
28 if ($request_uri = "/") {
31 # URI included with question mark is not being cached
32 if ($request_uri ~* (\?)) {
35 if ($request_method = "PUT") {
38 if ($request_method = "POST") {
41 if ($request_method = "HEAD") {
44 if ($request_method = "COPY") {
47 if ($request_method = "DELETE") {
53 if ($http_authorization !~* "aws4_request") {
61 auth_request /authentication;
62 proxy_pass http://rgws;
63 # if $do_not_cache is not empty the request would not be cached, this is relevant for list op for example
65 # the IP or name of the RGWs
66 #proxy_set_header Authorization $http_authorization;
67 # my cache configured at the top of the file
69 proxy_cache_lock_timeout 0s;
70 proxy_cache_lock_age 1000s;
71 proxy_http_version 1.1;
72 # Getting 403 if this header not set
73 proxy_set_header Host $host;
74 # Cache all 200 OK's for 1 day
75 proxy_cache_valid 200 206 1d;
76 # Use stale cache file in all errors from upstream if we can
77 proxy_cache_use_stale updating;
78 proxy_cache_background_update on;
79 # Try to check if etag have changed, if yes, do not re-fetch from rgw the object
80 proxy_cache_revalidate on;
81 # Lock the cache so that only one request can populate it at a time
83 # prevent conversion of head requests to get requests
84 proxy_cache_convert_head off;
85 # Listing all buckets should not be cached
86 if ($request_uri = "/") {
87 set $do_not_cache "no";
89 # URI including question mark are not supported to prevent bucket listing cache
90 if ($request_uri ~* (\?)) {
91 set $do_not_cache "no";
93 # Use the original x-amz-date if the aws auth module didn't create one
94 proxy_no_cache $do_not_cache;
95 proxy_set_header Authorization $http_authorization;
96 proxy_set_header Range $http_range;
97 # This is on which content the nginx to use for hashing the cache keys
98 proxy_cache_key "$request_uri$request_method$request_body$http_range";
99 client_max_body_size 0;