From afb56503da78d9bee12f197f83f68d01d46deeb8 Mon Sep 17 00:00:00 2001
From: Eliot Berriot <contact@eliotberriot.com>
Date: Mon, 19 Feb 2018 20:20:49 +0100
Subject: [PATCH] Updated example nginx deployment conf for transcoding

---
 deploy/nginx.conf | 52 ++++++++++++++++++++++++++++++++++++++++-------
 1 file changed, 45 insertions(+), 7 deletions(-)

diff --git a/deploy/nginx.conf b/deploy/nginx.conf
index cf865a9ea..dfdbac2ae 100644
--- a/deploy/nginx.conf
+++ b/deploy/nginx.conf
@@ -39,6 +39,15 @@ server {
 
     root /srv/funkwhale/front/dist;
 
+    # global proxy conf
+    proxy_set_header Host $host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Forwarded-Host   $host:$server_port;
+    proxy_set_header X-Forwarded-Port   $server_port;
+    proxy_redirect off;
+
     location / {
         try_files $uri $uri/ @rewrites;
     }
@@ -49,15 +58,9 @@ server {
     location /api/ {
         # this is needed if you have file import via upload enabled
         client_max_body_size 30M;
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $scheme;
-        proxy_set_header X-Forwarded-Host   $host:$server_port;
-        proxy_set_header X-Forwarded-Port   $server_port;
-        proxy_redirect off;
         proxy_pass   http://funkwhale-api/api/;
     }
+
     location /media/ {
         alias /srv/funkwhale/data/media/;
     }
@@ -70,6 +73,41 @@ server {
         alias   /srv/funkwhale/data/media;
     }
 
+    # Transcoding logic and caching
+    location = /transcode-auth {
+        # needed so we can authenticate transcode requests, but still
+        # cache the result
+        internal;
+        set $query '';
+        # ensure we actually pass the jwt to the underlytin auth url
+        if ($request_uri ~* "[^\?]+\?(.*)$") {
+            set $query $1;
+        }
+        proxy_set_header X-Forwarded-Host   $host:$server_port;
+        proxy_set_header X-Forwarded-Port   $server_port;
+        proxy_pass http://api:12081/api/v1/trackfiles/viewable/?$query;
+        proxy_pass_request_body off;
+        proxy_set_header        Content-Length "";
+    }
+
+    location /api/v1/trackfiles/transcode/ {
+        # this block deals with authenticating and caching transcoding
+        # requests. Caching is heavily recommended as transcoding
+        # is a CPU intensive process.
+        auth_request /transcode-auth;
+        if ($args ~ (.*)jwt=[^&]*(.*)) {
+            set $cleaned_args $1$2;
+        }
+        proxy_cache_key "$scheme$request_method$host$uri$is_args$cleaned_args";
+        proxy_cache transcode;
+        proxy_cache_valid 200 7d;
+        proxy_ignore_headers "Set-Cookie";
+        proxy_hide_header "Set-Cookie";
+        add_header X-Cache-Status $upstream_cache_status;
+        proxy_pass   http://funkwhale-api;
+    }
+    # end of transcoding logic
+
     location /staticfiles/ {
         # django static files
         alias /srv/funkwhale/data/static/;