= Usage and Examples Possible placeholders for the url template are {PATH}, {HASH} and {TIMESTAMP} Possible placeholders for the secret are {REMOTE_ADDR}, {PATH} and {TIMESTAMP} {HASH} is the hash generated of the secure link module {PATH} is the requested URI {TIMESTAMP} is the timestamp until the link is valid {REMOTE_ADDR} is the ip of the user for whom the link was generated ddl.servers.x.urlTemplate The template for generating the url ddl.servers.x.secret The template to generate the hash from (see: secure_link_md5) ddl.servers.x.timeout Is the time the link is valid in seconds. 1800 seconds is a half hour. ddl.servers.x.label Is a label for the server to be shown in the listing Example: ddl.servers.example.urlTemplate = "http://example.com[PATH}?st={HASH}&t={TIMESTAMP}" ddl.servers.example.secret = "secdo{PATH}{TIMESTAMP}{REMOTE_ADDR}" ddl.servers.example.timeout = 1800 ddl.servers.example.label = "Example server" Now the filelist is an ini file in the module's data directory named x.ini where x is the server's identifier and containes a section [files] and the content should look like this: ddl.files.x.group1[] = "/some/file.avi" ddl.files.x.group2[] = "/other/file.avi" ddl.files.x.group1[] = "/some/file.mkv" Example: ddl.files.example.avi[] = "/some/file.avi" ddl.files.example.avi[] = "/other/file.avi" ddl.files.example.mkv[] = "/some/file.mkv" You may add group labels in the [settings] section of the module.ini like this: ddl.groups.group1.label = "1st Group" ddl.groups.group2.label = "2nd Group" Example: ddl.groups.avi.label = "AVI Releases" ddl.groups.mkv.label = "MKV Releases" = Configuration of nginx server { listen 80; ## listen for ipv4; server_name files.example.com; access_log /var/log/nginx/files.example.com-access.log; location / { root /my/path/to/the/files; ## This must match the URI part related to the MD5 hash and expiration time. secure_link $arg_st,$arg_e; # this must match the URI part related ## This is how the MD5 hash is built from a secret token, an URI and an ## expiration time. secure_link_md5 segredo$uri$arg_e$remote_addr; # 'segredo' is the secret token # '$remote_addr' binds the link # to one user only ## If the hash is incorrect then $secure_link is a null string. if ($secure_link = "") { return 403; # 403 means Forbidden } ## The current local time is greater than the specified expiration time. if ($secure_link = "0") { return 403; # 403 means Forbidden } ## If everything is ok $secure_link is 1. ## This needs to be here otherwise you'll get a 404. rewrite ^/(.*)$ /$1 break; } }
hikaru-shindo/FansubCMS-DDL-Module
A direct download module for FansubCMS and nginx with ngx_secure_link module
GPL-3.0