add s3

nginx/s3img.stpl

@@ -0,0 +1,70 @@
+#=========================================================================#
+# Default Web Domain Template                                             #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS   #
+# https://docs.hestiacp.com/admin_docs/web.html#how-do-web-templates-work #
+#=========================================================================#
+proxy_cache_path   /tmp/nginx-cache-instance-media levels=1:2 keys_zone=s3_cache:10m max_size=10g inactive=48h use_temp_path=off;
+
+
+server {
+    listen      %ip%:%proxy_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    ssl_stapling on;
+    ssl_stapling_verify on;
+    error_log  /var/log/%web_system%/domains/%domain%.error.log error;
+
+    include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
+
+    root /home/mastodon/public/system;
+
+    set $s3_backend 'https://img-s.184.im.s3.nl-ams.scw.cloud';
+
+    keepalive_timeout 30;
+
+    location = / {
+        index index.html;
+    }
+    location / {
+        try_files $uri @s3;
+    }
+        
+        location @s3 {
+        limit_except GET {
+                deny all;
+        }
+
+        #resolver 9.9.9.9;
+        proxy_set_header Host 'img-s.184.im.s3.nl-ams.scw.cloud';
+        proxy_set_header Connection '';
+        proxy_set_header Authorization '';
+        proxy_hide_header Set-Cookie;
+        proxy_hide_header 'Access-Control-Allow-Origin';
+        proxy_hide_header 'Access-Control-Allow-Methods';
+        proxy_hide_header 'Access-Control-Allow-Headers';
+        proxy_hide_header x-amz-id-2;
+        proxy_hide_header x-amz-request-id;
+        proxy_hide_header x-amz-meta-server-side-encryption;
+        proxy_hide_header x-amz-server-side-encryption;
+        proxy_hide_header x-amz-bucket-region;
+        proxy_hide_header x-amzn-requestid;
+        proxy_ignore_headers Set-Cookie;
+        proxy_pass $s3_backend$uri;
+        proxy_intercept_errors off;
+
+        proxy_cache s3_cache;
+        proxy_cache_valid 200 304 48h;
+        proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
+        proxy_cache_lock on;
+        proxy_cache_revalidate on;
+
+        expires 1y;
+        add_header Cache-Control public;
+        add_header 'Access-Control-Allow-Origin' '*';
+        add_header X-Cache-Status $upstream_cache_status;
+    }
+
+    include %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
+}
+

nginx/s3img.tpl

@@ -0,0 +1,39 @@
+#=========================================================================#
+# Default Web Domain Template                                             #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS   #
+# https://docs.hestiacp.com/admin_docs/web.html#how-do-web-templates-work #
+#=========================================================================#
+
+server {
+    listen      %ip%:%proxy_port%;
+    server_name %domain_idn% %alias_idn%;
+        
+    include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*;
+
+    location / {
+        proxy_pass      http://%ip%:%web_port%;
+        location ~* ^.+\.(%proxy_extensions%)$ {
+            root           %docroot%;
+            access_log     /var/log/%web_system%/domains/%domain%.log combined;
+            access_log     /var/log/%web_system%/domains/%domain%.bytes bytes;
+            expires        max;
+            try_files      $uri @fallback;
+        }
+    }
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location @fallback {
+        proxy_pass      http://%ip%:%web_port%;
+    }
+
+    location ~ /\.(?!well-known\/|file) {
+       deny all; 
+       return 404;
+    }
+
+    include %home%/%user%/conf/web/%domain%/nginx.conf_*;
+}
+