diff --git a/Dockerfile.buildkit.plus b/Dockerfile.buildkit.plus index 6f5d8c9..037fc44 100644 --- a/Dockerfile.buildkit.plus +++ b/Dockerfile.buildkit.plus @@ -16,6 +16,7 @@ ENV PROXY_CACHE_SLICE_SIZE=1m ENV PROXY_CACHE_VALID_OK=1h ENV PROXY_CACHE_VALID_NOTFOUND=1m ENV PROXY_CACHE_VALID_FORBIDDEN=30s +ENV PROXY_CACHE_USE_STALE='error timeout http_500 http_502 http_503 http_504' # CORS env vars ENV CORS_ENABLED=0 diff --git a/Dockerfile.oss b/Dockerfile.oss index 9b24480..9d500f3 100644 --- a/Dockerfile.oss +++ b/Dockerfile.oss @@ -11,6 +11,7 @@ ENV PROXY_CACHE_SLICE_SIZE=1m ENV PROXY_CACHE_VALID_OK=1h ENV PROXY_CACHE_VALID_NOTFOUND=1m ENV PROXY_CACHE_VALID_FORBIDDEN=30s +ENV PROXY_CACHE_USE_STALE='error timeout http_500 http_502 http_503 http_504' # CORS env vars ENV CORS_ENABLED=0 diff --git a/Dockerfile.plus b/Dockerfile.plus index a81682b..b954def 100644 --- a/Dockerfile.plus +++ b/Dockerfile.plus @@ -16,6 +16,7 @@ ENV PROXY_CACHE_SLICE_SIZE=1m ENV PROXY_CACHE_VALID_OK=1h ENV PROXY_CACHE_VALID_NOTFOUND=1m ENV PROXY_CACHE_VALID_FORBIDDEN=30s +ENV PROXY_CACHE_USE_STALE='error timeout http_500 http_502 http_503 http_504' # CORS env vars ENV CORS_ENABLED=0 diff --git a/common/docker-entrypoint.d/00-check-for-required-env.sh b/common/docker-entrypoint.d/00-check-for-required-env.sh index 09a5d28..2b633c8 100755 --- a/common/docker-entrypoint.d/00-check-for-required-env.sh +++ b/common/docker-entrypoint.d/00-check-for-required-env.sh @@ -24,7 +24,7 @@ failed=0 required=("S3_BUCKET_NAME" "S3_SERVER" "S3_SERVER_PORT" "S3_SERVER_PROTO" "S3_REGION" "S3_STYLE" "ALLOW_DIRECTORY_LIST" "AWS_SIGS_VERSION" -"CORS_ENABLED") +"CORS_ENABLED", "PROXY_CACHE_USE_STALE") # Require some form of authentication to be configured. @@ -126,6 +126,10 @@ if [ -n "${HEADER_PREFIXES_TO_STRIP+x}" ]; then fi fi +if [[ ! "${PROXY_CACHE_USE_STALE}" ]]; then + >&2 echo "PROXY_CACHE_USE_STALE must not be blank" + failed=1 +fi if [ $failed -gt 0 ]; then exit 1 diff --git a/common/etc/nginx/nginx.conf b/common/etc/nginx/nginx.conf index 4f5f922..ec3ce23 100644 --- a/common/etc/nginx/nginx.conf +++ b/common/etc/nginx/nginx.conf @@ -38,6 +38,7 @@ env PROXY_CACHE_VALID_OK; env PROXY_CACHE_SLICE_SIZE; env PROXY_CACHE_VALID_NOTFOUND; env PROXY_CACHE_VALID_FORBIDDEN; +env PROXY_CACHE_USE_STALE; env HEADER_PREFIXES_TO_STRIP; env FOUR_O_FOUR_ON_EMPTY_BUCKET; env STRIP_LEADING_DIRECTORY_PATH; diff --git a/common/etc/nginx/templates/default.conf.template b/common/etc/nginx/templates/default.conf.template index 52d1e55..19c13cc 100644 --- a/common/etc/nginx/templates/default.conf.template +++ b/common/etc/nginx/templates/default.conf.template @@ -56,7 +56,7 @@ server { proxy_cache_revalidate on; proxy_cache_background_update on; proxy_cache_lock on; - proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504; + proxy_cache_use_stale ${PROXY_CACHE_USE_STALE}; proxy_cache_key "$request_method$host$uri"; # If you need to support proxying range request, refer to this article: diff --git a/deployments/s3_express/settings.s3express.example b/deployments/s3_express/settings.s3express.example index 3dcc2c6..2206a41 100644 --- a/deployments/s3_express/settings.s3express.example +++ b/deployments/s3_express/settings.s3express.example @@ -20,3 +20,4 @@ PROXY_CACHE_INACTIVE=60m PROXY_CACHE_VALID_OK=1h PROXY_CACHE_VALID_NOTFOUND=1m PROXY_CACHE_VALID_FORBIDDEN=30s +PROXY_CACHE_USE_STALE='error timeout http_500 http_502 http_503 http_504' diff --git a/docs/getting_started.md b/docs/getting_started.md index 1590d96..c3e2745 100644 --- a/docs/getting_started.md +++ b/docs/getting_started.md @@ -39,6 +39,7 @@ running as a Container or as a Systemd service. | `PROXY_CACHE_VALID_OK` | No | | `1h` | Sets caching time for response code 200 and 302 | | `PROXY_CACHE_VALID_NOTFOUND` | No | | `1m` | Sets caching time for response code 404 | | `PROXY_CACHE_VALID_FORBIDDEN` | No | | `30s` | Sets caching time for response code 403 | +| `PROXY_CACHE_USE_STALE` | No | | `error timeout http_500 http_502 http_503 http_504` |Sets conditions under which stale cached data can be used. See [here](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_cache_valid) for more details | | `PROVIDE_INDEX_PAGE` | No | `true`, `false` | `false` | Flag which returns the index page if there is one when requesting a directory. | | `JS_TRUSTED_CERT_PATH` | No | | | Enables the `js_fetch_trusted_certificate` directive when retrieving AWS credentials and sets the path (on the container) to the specified path | | `HEADER_PREFIXES_TO_STRIP` | No | | | A list of HTTP header prefixes that exclude headers from client responses. List should be specified in lower-case and a semicolon (;) should be used to as a delimiter between values. For example: x-goog-;x-something-. Headers starting with x-amz- will be stripped by default for security reasons unless explicitly added in HEADER_PREFIXES_ALLOWED. | diff --git a/settings.example b/settings.example index ca71efc..c588884 100644 --- a/settings.example +++ b/settings.example @@ -20,4 +20,5 @@ PROXY_CACHE_INACTIVE=60m PROXY_CACHE_VALID_OK=1h PROXY_CACHE_VALID_NOTFOUND=1m PROXY_CACHE_VALID_FORBIDDEN=30s +PROXY_CACHE_USE_STALE='error timeout http_500 http_502 http_503 http_504' STRIP_LEADING_DIRECTORY_PATH=/somepath \ No newline at end of file diff --git a/standalone_ubuntu_oss_install.sh b/standalone_ubuntu_oss_install.sh index 38c8a36..a458e32 100644 --- a/standalone_ubuntu_oss_install.sh +++ b/standalone_ubuntu_oss_install.sh @@ -96,6 +96,7 @@ echo "Slice of slice for byte range requests: ${PROXY_CACHE_SLICE_SIZE}" echo "Proxy Caching Time for Valid Response: ${PROXY_CACHE_VALID_OK}" echo "Proxy Caching Time for Not Found Response: ${PROXY_CACHE_VALID_NOTFOUND}" echo "Proxy Caching Time for Forbidden Response: ${PROXY_CACHE_VALID_FORBIDDEN}" +echo "Proxy Cache Using Stale: ${PROXY_CACHE_USE_STALE}" echo "CORS Enabled: ${CORS_ENABLED}" echo "CORS Allow Private Network Access: ${CORS_ALLOW_PRIVATE_NETWORK_ACCESS}" @@ -179,6 +180,8 @@ PROXY_CACHE_VALID_OK=${PROXY_CACHE_VALID_OK:-'1h'} PROXY_CACHE_VALID_NOTFOUND=${PROXY_CACHE_VALID_NOTFOUND:-'1m'} # Proxy caching time for response code 403 PROXY_CACHE_VALID_FORBIDDEN=${PROXY_CACHE_VALID_FORBIDDEN:-'30s'} +# Proxy cache using stale data when error occurs +PROXY_CACHE_USE_STALE=${PROXY_CACHE_USE_STALE:-'error timeout http_500 http_502 http_503 http_504'} # Enables or disables CORS for the S3 Gateway (true=enabled, false=disabled) CORS_ENABLED=${CORS_ENABLED:-'false'} # Configure portion of URL to be removed (optional) diff --git a/test/docker-compose.yaml b/test/docker-compose.yaml index 2faa9c8..1c94b2e 100644 --- a/test/docker-compose.yaml +++ b/test/docker-compose.yaml @@ -37,6 +37,7 @@ services: PROXY_CACHE_VALID_OK: "1h" PROXY_CACHE_VALID_NOTFOUND: "1m" PROXY_CACHE_VALID_FORBIDDEN: "30s" + PROXY_CACHE_USE_STALE: "error timeout http_500 http_502 http_503 http_504" minio: image: quay.io/minio/minio:RELEASE.2023-06-09T07-32-12Z