
I'm having a hard time working out how to cut down the repeated lines in my nginx configuration, where the blocks differ in only one property:

# HTTPS virtual host for my.website.com that proxies every request to the
# application on 127.0.0.1:9010. The three location blocks repeat the same
# proxy directives and differ only in client_max_body_size.
server {
        #listen   [::]:443 ipv6only=on; ## listen for ipv6
        listen    443;

        server_name my.website.com;

        access_log  /var/log/nginx/my.website.com_access.log;
        error_log   /var/log/nginx/my.website.com_error.log;

        # NOTE(review): "ssl on;" is deprecated in newer nginx releases; "listen 443 ssl;" is the supported spelling.
        ssl  on;
        ssl_certificate  /etc/nginx/website.com/cert.pem;
        ssl_certificate_key  /etc/nginx/website.com/cert.key;
        ssl_session_timeout  5m;

        # NOTE(review): SSLv3 is broken (POODLE) and TLSv1.0 is deprecated; a current deployment would offer TLSv1.2 and newer only.
        ssl_protocols  SSLv3 TLSv1;
        # NOTE(review): "ALL" selects every suite the OpenSSL build ships, and the "+LOW"/"+EXP" terms only move
        # matching suites to the end of the list, so low-strength, export-grade and RC4 suites stay enabled where
        # the build still has them. "!kEDH" removes the ephemeral-DH key exchanges.
        ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP:!kEDH;
        ssl_prefer_server_ciphers   on;

        location / {
                proxy_pass         http://127.0.0.1:9010;

                client_max_body_size 1m; # I limit all the file upload to 1 Mo
                error_page         413 =200 https://my.website.com/errors/413; # I send back a 200 HTTP STATUS because Chrome crashes with a 413 (lol)

                # $proxy_add_x_forwarded_for appends $remote_addr to whatever X-Forwarded-For the client sent,
                # so the backend should treat only the last entry (or X-Real-IP) as set by this proxy.
                proxy_set_header   X-Real-IP          $remote_addr;
                proxy_set_header   Host               $host;
                proxy_set_header   X-Forwarded-Ssl    on;
                proxy_set_header   X-Forwarded-For    $proxy_add_x_forwarded_for;
        }

        # Now, for the two next locations, I will change the body size to 10Mo
        location = /picture/create {
                proxy_pass         http://127.0.0.1:9010;

                client_max_body_size 10m; # Here,
                error_page         413 =200 https://my.website.com/errors/413;

                proxy_set_header   X-Real-IP          $remote_addr;
                proxy_set_header   Host               $host;
                proxy_set_header   X-Forwarded-Ssl    on;
                proxy_set_header   X-Forwarded-For    $proxy_add_x_forwarded_for;
        }

        # NOTE(review): there is no "~" modifier, so nginx reads this as a literal prefix string rather than a
        # regex; /picture/<id>/edit presumably never matches here and falls through to "location /" (1m limit).
        location ^/picture/([0-9]+)/edit$ {
                proxy_pass         http://127.0.0.1:9010;

                client_max_body_size 10m; # And here
                error_page         413 =200 https://my.website.com/errors/413;

                proxy_set_header   X-Real-IP          $remote_addr;
                proxy_set_header   Host               $host;
                proxy_set_header   X-Forwarded-Ssl    on;
                proxy_set_header   X-Forwarded-For    $proxy_add_x_forwarded_for;
        }
}

I'd like to know if it's possible to :

  • Merge the last two location blocks into one (by listing the possible locations?)
  • Avoid repeating the proxy_* configuration three times. I tried putting it at the server{} level, but that doesn't work (for obvious reasons). I also tried leaving it out of the last two locations, but that results in a "Page Not Found" when I hit the URL.
  • (By the way, is my ssl_ciphers correct?)

Thanks for your help.

Cyril N.

1 Answer


One way to do it is to put the shared directives in a separate file and 'include' it. For example, create a new file called 'standard_include.conf' with the following text in it.

                # Shared reverse-proxy settings; pulled into each location block with "include".
                proxy_pass http://127.0.0.1:9010;

                # Request metadata handed to the backend. $proxy_add_x_forwarded_for appends
                # $remote_addr to whatever X-Forwarded-For the client sent, so the backend should
                # treat only the last entry (or X-Real-IP) as set by this proxy.
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-Ssl on;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

                # An over-limit upload (413) is answered with status 200 and the errors/413 page.
                error_page 413 =200 https://my.website.com/errors/413;

Then have your standard config as:

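# HTTPS front end for my.website.com: terminates TLS and proxies every request
# to the application on 127.0.0.1:9010. The shared proxy directives come from
# standard_include.conf (a relative include path is looked up under nginx's
# configuration directory); each location sets only its own upload limit.
server {
        #listen   [::]:443 ipv6only=on; ## listen for ipv6
        # The "ssl" parameter on listen replaces the deprecated "ssl on;" directive.
        listen    443 ssl;

        server_name my.website.com;

        access_log  /var/log/nginx/my.website.com_access.log;
        error_log   /var/log/nginx/my.website.com_error.log;

        ssl_certificate  /etc/nginx/website.com/cert.pem;
        # Private key: keep the file readable only by the account that starts nginx.
        ssl_certificate_key  /etc/nginx/website.com/cert.key;
        ssl_session_timeout  5m;

        # SSLv3 (POODLE) and TLSv1.0 are no longer offered. Add TLSv1.3 here when the
        # nginx/OpenSSL build supports it.
        ssl_protocols  TLSv1.2;
        # Forward-secret AEAD suites only. The "ALL:..." string in the question keeps
        # low-strength, export-grade and RC4 suites enabled, because "+LOW"/"+EXP" only reorder them.
        ssl_ciphers  ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384;
        ssl_prefer_server_ciphers   on;

        location / {
                include standard_include.conf;
                client_max_body_size 1m; # uploads are limited to 1 MB everywhere else
        }

        # Both picture endpoints accept uploads up to 10 MB. The "~" modifier makes this a
        # regex location; without it nginx treats "^/picture/..." as a literal prefix string
        # that never matches, and the request falls through to "location /".
        location ~ ^/picture/(create|[0-9]+/edit)$ {
                include standard_include.conf;
                client_max_body_size 10m;
        }
}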
petertonoli