nginx 反向代理oss实现自定义文件名下载和解决反向代理文件下载失败

戴国进

已于 2022-07-15 21:48:18 修改

阅读量2k

点赞数

分类专栏： nginx 文章标签： nginx java 运维

于 2022-07-14 14:23:06 首次发布

本文链接：https://blog.youkuaiyun.com/JineD/article/details/125783297

版权

nginx 专栏收录该内容

25 篇文章

订阅专栏

参考：nginx反向代理文件下载失败_kaicen的博客-优快云博客_proxy_max_temp_file_size

nginx反向代理下载文件失败处理

资料上传 linode 平台的 OSS ，使用的系统自动生成文件名造成了下载的时候无法自定义文件名，云平台竟然不支持这个，只好反向代理解决。

http{
#设置反向代理文件配置
    proxy_cache_path /home/file_cache levels=1:2 keys_zone=cache_one:500m inactive=2d max_size=30g;
    .....#代表其它配置
    server {
        listen      80;
        server_name  *.*.*;#域名哈
        location / {
                if ($request_uri ~* \/(.*)\.(txt|doc|pdf|rar|gz|zip|docx|exe|xlsx|ppt|pptx|jpg|png)(\?filename=([^&]+))$) {
                        add_header Content-Disposition "attachment;filename=$arg_filename.$2";
                }
                proxy_cache cache_one;
                proxy_cache_valid 200 304 302 48h;
                proxy_pass *.*.*;
        }
    }
}

准备工作

nginx 要有反向代理的模块 proxy（如上图）

我们来看进程中已经多了cahe 了

开始解释

proxy_cache_path /home/file_cache levels=1:2 keys_zone=cache_one:500m inactive=30d max_size=20g;

proxy_cache_path：表示缓存文件存放的路径，该路径是预先就要创建好的
levels=1:2：设置在相对于path指定目录的第几级hash目录中缓存数据，levels=1，表示一级hash目录，levels=1：2，表示两级hash目录，目录的名称是基于请求URL通过哈希算法得到的
keys_zone=cache_one:500m : 设置缓存名字 500 允许存储的最大大小
inactive=30d ：强制更新时间，在指定时间内没人访问，就删除缓存
max_size=20g ：设置硬盘中缓存数据的大小限制，最大缓存空间

请求链接示例：http://..*/JQ6mJ6A4Ey.pdf?filename=%E6%B5%8B%E8%AF%95%E6%96%87%E6%A1%A37

浏览器不兼容中文的问题

 add_header Content-Disposition "attachment;filename=$arg_filename.$2;filename*=UTF-8''$arg_filename.$2";

"filename" 和 "filename*" 两个参数的唯一区别在于，"filename*"采用了 RFC 5987 中规定的编码方式。当"filename" 和 "filename" 同时出现的时候，应该优先采用"filename"，假如二者都支持的话。

附 linode s3 平台反向代理 nginx 配置：

http {
    include       mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for" "$request_time"';

    access_log  /data/log/nginx/access.log  main;
    sendfile        on;
    #tcp_nopush     on;
    keepalive_timeout  1200s;
    fastcgi_connect_timeout 1200s;
    fastcgi_send_timeout 1200s;
    fastcgi_read_timeout 1200s;
    fastcgi_buffers 2 256k;
    fastcgi_buffer_size 128k;
    fastcgi_busy_buffers_size 256k;
    fastcgi_temp_file_write_size 256k;
    client_header_buffer_size 4k;
    client_body_buffer_size 10240M;
    client_max_body_size 2048M;
    proxy_connect_timeout 1200s;
    proxy_send_timeout 1200s;
    proxy_read_timeout 1200s;
    #proxy_buffer_size 1024k;
    #proxy_buffers 20 2048k;
    #proxy_busy_buffers_size 2048k;
    #proxy_cache_path /tmp/ levels=1:2 keys_zone=s3_cache:1024m max_size=10240m inactive=2d;
    proxy_temp_path /tmp/ 1 2;
    proxy_max_temp_file_size 2048M;
    proxy_temp_file_write_size 2048k;
    send_timeout 1200s;
    gzip  on;
    gzip_min_length 1k;
    gzip_buffers 4 16k;
    gzip_http_version 1.0;
    gzip_comp_level 2;
    gzip_disable "MSIE [1-6]\.";
    gzip_types text/plain application/javascript application/x-javascript text/css application/xml image/jpeg;

    server {
    server_name  hitpaw-test.afirstsoft.cn;
    charset utf-8;
    access_log  /data/log/nginx/hitpaw-test.afirstsoft.cn-access.log  main;
    error_log   /data/log/nginx/hitpaw-test.afirstsoft.cn-error.log;

    location / {
    index index.php index.html index.htm;
    proxy_set_header Host $host;
    proxy_pass http://127.0.0.1:8017;
    }

    # Configure your Object Storage bucket URL here:
    set $bucket "hitpaw-usercontent-test.us-southeast-1.linodeobjects.com";

    # This configuration provides direct access to the Object Storage bucket:
    location /s3/  {
      rewrite ^/s3/(.*) /$1 break;
      resolver 8.8.8.8;
      proxy_http_version 1.1;
      proxy_redirect off;
      add_header Content-Disposition "attachment;filename=\"$arg_filename\"";
      add_header Content-Type "application/object-stream;";
      proxy_pass http://$bucket;
    }

    location /toolbox/cut-video-online {
    index index.php index.html index.htm;
    proxy_pass http://127.0.0.1:8017;
    proxy_set_header Host $host;
    add_header 'Cross-Origin-Embedder-Policy' 'require-corp';
    add_header 'Cross-Origin-Opener-Policy' 'same-origin';
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/hitpaw-test.afirstsoft.cn/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/hitpaw-test.afirstsoft.cn/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

 }
 server {
    if ($host = hitpaw-test.afirstsoft.cn) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    server_name  hitpaw-test.afirstsoft.cn;
    listen 80;
    return 404; # managed by Certbot
 }

}