Mindboost/mindboost-media-server
7
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fresh try

Browse Source
This commit is contained in:
Robert Rapp
2025-07-17 15:16:47 +02:00
parent e3eb6db1f4
commit 403e553744
1 changed files with 28 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
nginx/conf.d/default.conf.template
View File

@@ -1,7 +1,3 @@
# --------------------------- ENV-Key übernehmen ---------------------------
# envsubst ersetzt ${MEDIA_API_KEY} durch den Wert aus docker-compose.yml
server { server {
listen 80; listen 80;
server_name ${SERVER_NAME}; server_name ${SERVER_NAME};
@@ -9,41 +5,44 @@ server {
root /usr/share/nginx/html; root /usr/share/nginx/html;
index index.html; index index.html;
# ———————————————— Audio + CORS + Key-Check ————————————————
# ---------- Geschützte Audio-Ressourcen ----------
location ~* \.(opus|flac|ogg|mp3|wav|m4a|aac)$ { location ~* \.(opus|flac|ogg|mp3|wav|m4a|aac)$ {
# --------- Preflight direkt per IF ---------
if ($request_method = OPTIONS) { if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin "*"; add_header Access-Control-Allow-Origin "*" always;
add_header Access-Control-Allow-Methods "GET, HEAD, OPTIONS"; add_header Access-Control-Allow-Methods "GET, HEAD, OPTIONS" always;
add_header Access-Control-Allow-Headers "Content-Type,X-API-Key,Keep-Alive,User-Agent,Cache-Control,Content-Type"; add_header Access-Control-Allow-Headers "X-API-Key, Content-Type, Keep-Alive, User-Agent, Cache-Control" always;
add_header Access-Control-Max-Age 1728000; add_header Access-Control-Max-Age 1728000 always;
add_header Content-Length 0; add_header Content-Length 0;
return 204; return 204;
} }
# --- Key-Check (nur GET/HEAD) ---
if ($request_method != OPTIONS) {
if ($http_x_api_key != "${MEDIA_API_KEY}") { if ($http_x_api_key != "${MEDIA_API_KEY}") {
# (optional) WWW-Authenticate-Header für Clients
add_header WWW-Authenticate 'API key required' always;
return 401; return 401;
} }
}
# --- CORS & Cache --- add_header Access-Control-Allow-Origin "*" always;
add_header Access-Control-Allow-Origin "*"; add_header Access-Control-Allow-Methods "GET, HEAD, OPTIONS" always;
add_header Access-Control-Allow-Methods "GET, HEAD, OPTIONS"; add_header Access-Control-Allow-Headers "X-API-Key, Content-Type, Keep-Alive, User-Agent, Cache-Control" always;
add_header Access-Control-Allow-Headers "Content-Type, X-API-Key,Keep-Alive,User-Agent,Cache-Control,Content-Type";
add_header Cache-Control "public, max-age=2592000" always; add_header Cache-Control "public, max-age=2592000" always;
# fehlende MIME-Types types {
types { audio/opus opus; audio/flac flac; } audio/opus opus;
audio/mpeg mp3;
audio/mp4 m4a;
audio/aac aac;
video/mp4 mp4;
video/webm webm;
}
try_files $uri =404; try_files $uri =404;
} }
# ---------- Website / Index ---------- # ———————————————— Alle ande­ren Requests ————————————————
location / { location / {
try_files $uri $uri/ =404; try_files $uri $uri/ =404;
} }