+upstream keepproxy {
+ server 127.0.0.1:25107;
+}
+
server {
- server_name keep.example.com
- ...
- add_header 'Access-Control-Allow-Methods' 'GET, HEAD, POST, PUT, OPTIONS' always
- add_header 'Access-Control-Allow-Origin' '*' always
- add_header 'Access-Control-Allow-Headers' 'Authorization, Content-Length, Content-Type, X-Keep-Desired-Replicas' always
- add_header 'Access-Control-Max-Age' '86486400' always
+ listen [your public IP address]:443 ssl;
+ server_name keep.uuid_prefix.your.domain
+
+ proxy_connect_timeout 90s;
+ proxy_read_timeout 300s;
+ proxy_set_header X-Real-IP $remote_addr;
+
+ ssl on;
+ ssl_certificate /etc/nginx/keep.uuid_prefix.your.domain-ssl.crt;
+ ssl_certificate_key /etc/nginx/keep.uuid_prefix.your.domain-ssl.key;
+
+ # Clients need to be able to upload blocks of data up to 64MiB in size.
+ client_max_body_size 64m;
+
+ location / {
+ proxy_pass http://keepproxy;
+ }
}
-*Warning:* Make sure you don't inadvertently add CORS headers for services _other than keepproxy_ while you're doing this.
+Note: if the Web uploader is failing to upload data and there are no logs from keepproxy, be sure to check the nginx proxy logs. In addition to "GET" and "PUT", The nginx proxy must pass "OPTIONS" requests to keepproxy, which should respond with appropriate Cross-origin resource sharing headers. If the CORS headers are not present, brower security policy will cause the upload request to silently fail. The CORS headers are generated by keepproxy and should not be set in nginx.
h3. Tell the API server about the Keepproxy server
The API server needs to be informed about the presence of your Keepproxy server. Please execute the following commands on your