All,
I'm trying to upload a local file to my remote Nginx server via cURL. I have built Nginx from source with the upload module and the DAV module. At the bottom of the Nginx page, there is an example form to upload a file. I'm not sure how I would implement the form, and (several) Google searches have returned little helpful information about uploading directly to Nginx via cURL.
Current tech stack:
Nginx
Green Unicorn
Flask
Of all the different avenues I've tried, the following is the one that seems the most appropriate for the task.
curl -X POST -F "image=#example.gif" http://54.226.64.199/upload
However, the response is underwhelming.
I've tried --uploade-file as well, the response is a 405. From what I've read, upload only accepts a POST command, not PUT, hence why I get a 405.
I don't need a full solution (would be great!), only pointing in the right direction.
Any help is appreciated. Thanks
EDIT: sorry wanted to include part of my .conf
location /upload {
upload_store /tmp;
#upload_pass #none;
upload_store_access all:rw;
upload_cleanup 400 404 499 500-505;
}
You can do this by specifying filename into URL, without using any external module :
location ~ "/upload/([0-9a-zA-Z-.]*)$" {
alias /storage/www/upload/$1;
client_body_temp_path /tmp/upload_tmp;
dav_methods PUT DELETE MKCOL COPY MOVE;
create_full_put_path on;
dav_access group:rw all:r;
}
And use : curl -T example.gif http://54.226.64.199/upload/example.gif
Related
On my site, registered users, after logging in, have the possibility to download files with the curl command, i.e.
curl -O https://example.com /assets/file/test.txt
I would like to somehow avoid that the user not logged in or deleted still has the possibility to download the file by running the command again or by going directly to the address from the browser.
I use Nginx as web server.
Is it possible to block access to the user that no longer exists or is no longer logged in?
I had thought about the possibility of doing something like this:
curl -u {{user.id}}:{{unique_value}} https://example.com/assets/file/test.txt
or
curl -O https://example.com/assets/file/test.txt?param={{unique_value}}
But I don't know how to verify the existence of the user, and if it is possible to do so, with nginx or some other tool.
I tried using cookie control with Nginx, but as far as I know it is easy to circumvent.
yeah you can use http basic auth to restrict file access to authorized people, per the documentation at https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/
touch /etc/nginx/users.htpasswd;
htpasswd /etc/nginx/users.htpasswd user1 'password';
followed by
server {
listen 80;
listen [::]:80
location /assets{
root /wherever/assets/..;
auth_basic "assets";
auth_basic_user_file /etc/nginx/users.htpasswd;
}
}
now only curl -u user1:password1 can download files in /assets/
I am using the nginx upload module to accept large uploads for a PHP application. I have configured nginx following this blog post (modified for my needs).
Here is (the applicable portion of) my nginx configuration:
server {
# [ ... ]
location /upload {
set $upload_field_name "file";
upload_pass /index.php;
upload_store /home/example/websites/example.com/storage/uploads 1;
upload_resumable on;
upload_max_file_size 0;
upload_set_form_field $upload_field_name[filename] "$upload_file_name";
upload_set_form_field $upload_field_name[path] "$upload_tmp_path";
upload_set_form_field $upload_field_name[content_type] "$upload_content_type";
upload_aggregate_form_field $upload_field_name[size] "$upload_file_size";
upload_pass_args on;
upload_cleanup 400-599;
client_max_body_size 200M;
}
}
In the client side JavaScript, I am using 8MB chunks.
With this configuration, I am able to upload any file that is one chunk or smaller. However, when I try to upload any file that is more than one chunk, the response I get from the server for each intermediate chunk is blank, and the final chunk triggers the call to the PHP application without any incoming POST data.
What am I missing?
It turns out that #Brandan's blog post actually leaves out one important directive:
upload_state_store /tmp;
I added that and now everything works as expected.
I am using an application which needs to PUT a file on a HTTP server. I am using Nginx as the server but getting a 405 Not Allowed error back. Here is an example of a test with cURL:
curl -X PUT \
-H 'Content-Type: application/x-mpegurl' \
-d /Volumes/Extra/playlist.m3u8 http://xyz.com
And what I get back from Nginx:
<html>
<head><title>405 Not Allowed</title></head>
<body bgcolor="white">
<center><h1>405 Not Allowed</h1></center>
<hr><center>nginx/1.1.19</center>
</body>
</html>
What do I need to do to allow the PUT?
Any clues would be awesome!
To add HTTP and WebDAV methods like PUT, DELETE, MKCOL, COPY and MOVE you need to compile nginx with HttpDavModule (./configure --with-http_dav_module). Check nginx -V first, maybe you already have the HttpDavModule (I installed nginx from the Debian repository and I already have the module).
Then change your nginx-config like that:
location / {
root /var/www;
dav_methods PUT;
}
You can get more info on the nginx docs entry for the HttpDavModule.
Another reason for 405 Not Allowed is that you don't have permission to write files on the destination you're PUTing. If you have HttpDavModule and still getting this error, make sure you've given nginx write permissions where you're PUTing the files.
Adding this block solved the problem for me in a Laravel application.
location / {
try_files $uri $uri/ /index.php?$query_string;
}
nginx is mainly a proxy and a lot of other things, it share something with web server, not all.
You may want to check: https://www.nginx.com/resources/wiki/modules/upload/,
better is to have a rest interface and let nginx do the proxy, balancing, buffering, TSL ..
I have couple files on my web project. They are all sending to client with nginx help.
But i want to know (and to show for end users) how many times file was downloaded.
For example file has url like: example.com/file.ppt
and nginx settings is next:
location ~* \.(ppt|swf)$ {
root /path/to/static/content;
expires 30d;
}
so my question: can nginx sent some request by some url ? or something else, when someone tries to download certain file ?
You could count successed file downloads in nginx access.log for example with grep:
grep -c file.ppt access.log
I have a setup where my nginx is in front with apache+PHP behind.
My PHP application cache some page in memcache which are accessed by nginx directly except some dynamic part which are build using SSI in Nginx.
The first problem I had was nginx didnt try to use memcache for ssi URI.
<!--# include virtual="/myuser" -->
So I figured that if I force it to use a full URL, it would do it.
<!--# include virtual="http://www.example.com/myuser" -->
But in logs file (both nginx and apache) I can see that a slash has been added at the beginning of the url
http ssi filter "/http://www.example.com/myuser"
In the source code of the SSI module I see a PREFIX that seems to be added, but I can really tell if I can disable it.
Anybody got this issue?
Nginx version : 0.7.62 on Ubuntu Karmic 64bits
Thanks a lot
You can configure nginx to include remote URLs despite you cannot refer them directly in SSI instructions. In site config create location with local path and named remote location that points where you want to. For example:
server {
....
location /remote {
proxy_pass #long_haul; # or use "try_files" to provide fallback
}
location #long_haul {
proxy_pass http://porno.com;
}
....
}
and in served html use include directive that refers /remote path:
<!--# include virtual="/remote/rest-of-url&and=parameters" -->
Note that you may customize URL that is passed further with variables and regexp. For example:
location ~/remote(.+) {
proxy_pass #long_haul$1?$args;
}
It has nothing about nginx, you just can't do that. SSI doesn't accept remote uri. you can only specify a local file path.
See
http://en.wikipedia.org/wiki/Server_Side_Includes