feat: add medias.nupes.social to store media

production.yml

@@ -151,6 +151,7 @@ webservers:
     20b4f083-4ef3-4a82-b15c-edbc31aa1731.pub.instances.scw.cloud:
       web_hostname:
         - nupes.social
+        - medias.nupes.social
 
 phpservers:
   hosts:

roles/nginx/templates/vhosts/medias.nupes.social.conf.j2

@@ -0,0 +1,53 @@
+proxy_cache_path /tmp/nginx-cache-instance-media levels=1:2 keys_zone=s3_cache:10m max_size=10g inactive=48h use_temp_path=off;
+
+server {
+{% include './templates/header.conf.j2' %}
+	root /srv/docker/nupes.social/public/system;
+
+	set $s3_backend 'https://nupes-medias.s3.nl-ams.scw.cloud';
+
+	keepalive_timeout 30;
+
+	location = / {
+		index index.html;
+	}
+
+	location / {
+		try_files $uri @s3;
+	}
+
+	location @s3 {
+		limit_except GET {
+			deny all;
+		}
+
+		resolver 9.9.9.9;
+		proxy_set_header Host 'nupes-medias.s3.nl-ams.scw.cloud';
+		proxy_set_header Connection '';
+		proxy_set_header Authorization '';
+		proxy_hide_header Set-Cookie;
+		proxy_hide_header 'Access-Control-Allow-Origin';
+		proxy_hide_header 'Access-Control-Allow-Methods';
+		proxy_hide_header 'Access-Control-Allow-Headers';
+		proxy_hide_header x-amz-id-2;
+		proxy_hide_header x-amz-request-id;
+		proxy_hide_header x-amz-meta-server-side-encryption;
+		proxy_hide_header x-amz-server-side-encryption;
+		proxy_hide_header x-amz-bucket-region;
+		proxy_hide_header x-amzn-requestid;
+		proxy_ignore_headers Set-Cookie;
+		proxy_pass $s3_backend$uri;
+		proxy_intercept_errors off;
+
+		proxy_cache s3_cache;
+		proxy_cache_valid 200 304 48h;
+		proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
+		proxy_cache_lock on;
+		proxy_cache_revalidate on;
+
+		expires 1y;
+		add_header Cache-Control public;
+		add_header 'Access-Control-Allow-Origin' '*';
+		add_header X-Cache-Status $upstream_cache_status;
+	}
+}