log_format proxy_full_log '$remote_addr - $remote_user [$time_local] "$http_host" "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for" - $proxy_host'; map $remote_addr $user_group { include /etc/nginx/map_users_group.acl; } map $uri $channel_group { include /etc/nginx/map_channels_group.acl; } server { listen 0.0.0.0:9099 default_server rcvbuf=16k sndbuf=512k accept_filter=httpready so_keepalive=30m::10; listen [::]:9099 default_server rcvbuf=16k sndbuf=512k accept_filter=httpready so_keepalive=30m::10 ipv6only=on; # Log access_log off; #access_log /dev/stdout proxy_full_log; #error_log /dev/stdout info; # Timeouts settings. ## client keepalive_timeout 75s; client_header_timeout 8s; client_body_timeout 30s; send_timeout 30s; reset_timedout_connection on; ## server proxy_connect_timeout 10s; proxy_send_timeout 10s; proxy_read_timeout 1m; #proxy_send_lowat on; send_lowat 1460; lingering_close on; lingering_time 8s; lingering_timeout 4s; postpone_output 0; tcp_nodelay on; tcp_nopush on; # Request headers tuning merge_slashes on; ignore_invalid_headers on; underscores_in_headers off; proxy_http_version 1.1; proxy_pass_request_headers on; #proxy_set_header Connection 'close'; ## filter some headers proxy_set_header Accept-Language ''; proxy_set_header Accept-Charset ''; proxy_set_header Proxy-Connection ''; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass_request_body on; # for off: proxy_set_header Content-Length 0; #proxy_set_body # Reply headers tuning chunked_transfer_encoding off; msie_padding off; msie_refresh off; server_name_in_redirect off; server_tokens on; proxy_ignore_headers X-Accel-Buffering X-Accel-Expires X-Accel-Limit-Rate X-Accel-Redirect; proxy_pass_header Date; proxy_pass_header Server; #proxy_hide_header proxy_redirect off; proxy_cookie_domain off; proxy_cookie_path off; # Buffers ## client client_body_buffer_size 16k; client_body_in_file_only off; client_body_in_single_buffer off; client_header_buffer_size 16k; large_client_header_buffers 4 16k; client_max_body_size 1m; ## server proxy_buffering on; proxy_buffers 16 64k; #proxy_buffer_size 8k; # Cache #proxy_cache off; # #www_cache proxy_store off; # Buffering + cache proxy_max_temp_file_size 0; #off proxy_temp_file_write_size 64k; open_file_cache off; # Error handling proxy_ignore_client_abort off; proxy_next_upstream error timeout; proxy_intercept_errors on; recursive_error_pages on; error_page 599 = @return_announce; set $srvaddr 127.0.0.1:7088; # msd address!!! location /stat { proxy_set_header Host $srvaddr; proxy_pass http://$srvaddr; } location /hubstat { proxy_set_header Host $srvaddr; proxy_pass http://$srvaddr; } location /channel/ { set $user_not_found "1"; if ($user_group) { set $user_not_found ""; } if ($user_not_found) { #return 599; set $user_group "1"; } set $channel_not_found "1"; if ($channel_group) { set $channel_not_found ""; } if ($channel_not_found) { return 599; } set $acl $channel_group$user_group; if ($acl = 54) { return 599; } if ($acl = 53) { return 599; } if ($acl = 52) { return 599; } if ($acl = 51) { return 599; } if ($acl = 43) { return 599; } if ($acl = 42) { return 599; } if ($acl = 41) { return 599; } if ($acl = 32) { return 599; } if ($acl = 31) { return 599; } if ($acl = 21) { return 599; } proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $srvaddr; proxy_pass http://$srvaddr; } location @return_announce { internal; root /etc/nginx/www-tv/; # !!! edit me rewrite / /announce_big.ts break; # video on access deny!!! add_header TransferMode.DLNA.ORG 'Streaming'; add_header ContentFeatures.DLNA.ORG 'DLNA.ORG_OP=01;DLNA.ORG_CI=0;DLNA.ORG_FLAGS=01700000000000000000000000000000'; } }