update

api.conf

@@ -10,13 +10,16 @@ proxy_set_header      Connection  $http_connection;
 set                   $_url       '';
 set                   $_ver       '';
 set                   $_ref       '';
+set                   $_type      '';
+set                   $_mode      '';
 
 location = /preflight {
   internal;
+  access_log          off;
   more_set_headers
     'access-control-allow-origin: *'
     'access-control-allow-methods: GET,POST,PUT,PATCH,TRACE,DELETE,HEAD,OPTIONS'
-    'access-control-allow-headers: --url,--referer,--cookie,--origin,--ext,--aceh,--ver,accept,accept-charset,accept-encoding,accept-language,accept-datetime,authorization,cache-control,content-length,content-type,date,if-match,if-modified-since,if-none-match,if-range,if-unmodified-since,max-forwards,pragma,range,te,upgrade,upgrade-insecure-requests,x-requested-with,chrome-proxy'
+    'access-control-allow-headers: --url,--referer,--cookie,--origin,--ext,--aceh,--ver,--type,--mode,accept,accept-charset,accept-encoding,accept-language,accept-datetime,authorization,cache-control,content-length,content-type,date,if-match,if-modified-since,if-none-match,if-range,if-unmodified-since,max-forwards,pragma,range,te,upgrade,upgrade-insecure-requests,x-requested-with,chrome-proxy'
     'access-control-max-age: 1728000'
   ;
   return              204;
@@ -52,6 +55,8 @@ location = /ws {
 
 
 location = /traff {
+  access_log            off;
+
   content_by_lua_block {
     ngx.say(ngx.shared.traff:get('stat'))
   }

lua/http-dec-req-hdr.lua

@@ -16,6 +16,10 @@ for k, v in pairs(hdrs) do
     ngx.var._url = v
   elseif k == 'ver' then
     ngx.var._ver = v
+  elseif k == 'type' then
+    ngx.var._type = v
+  elseif k == 'mode' then
+    ngx.var._mode = v
   elseif k == 'aceh' then
     ngx.ctx._aceh = 1
   elseif k == 'ext' then

nginx.conf

@@ -6,6 +6,8 @@ http {
     listen                8443 ssl http2;
     include               api.conf;
   }
+
+  # https://nginx.org/en/docs/http/ngx_http_core_module.html
   resolver                1.1.1.1 ipv6=off;
   resolver_timeout        10s;
 
@@ -14,32 +16,36 @@ http {
   server_tokens           off;
   underscores_in_headers  on;
 
+  # https://nginx.org/en/docs/http/ngx_http_ssl_module.html
   ssl_protocols           TLSv1.2 TLSv1.3;
   ssl_ciphers             TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;
   ssl_session_cache       shared:SSL:30m;
   ssl_session_timeout     1d;
   ssl_prefer_server_ciphers on;
 
+  # https://nginx.org/en/docs/http/ngx_http_limit_req_module.html
   limit_req_log_level     warn;
   limit_req_zone          $binary_remote_addr zone=reqip:16m rate=100r/s;
   limit_req               zone=reqip burst=200 nodelay;
 
+  # https://nginx.org/en/docs/http/ngx_http_log_module.html
   # separated by tab (\t)
   log_format              log_proxy escape=none
     '$time_iso8601	$_origin_id	$_ver	$remote_addr	'
     '$upstream_cache_status	$request_time	'
     '$request_length	$bytes_sent	'
     '$request_method	$_url	$status	$upstream_http_access_control_allow_origin	'
-    '$http_user_agent	$_ref'
+    '$http_user_agent	$_ref	$_mode	$_type'
   ;
   access_log              logs/proxy.log log_proxy buffer=64k flush=1s;
 
+  # https://nginx.org/cn/docs/http/ngx_http_proxy_module.html
   # 1MB = 8000key
   proxy_cache_path        cache
     levels=1:2
     keys_zone=my_cache:32m
     max_size=20g
-    inactive=24h
+    inactive=6h
     use_temp_path=off
   ;
   proxy_http_version      1.1;
@@ -50,6 +56,8 @@ http {
   proxy_busy_buffers_size 64k;
   proxy_send_timeout      10s;
 
+  # https://github.com/openresty/lua-nginx-module
+
   # traffic statistics
   lua_shared_dict         traff   16k;
 
@@ -63,6 +71,7 @@ http {
   }
 }
 
+# https://nginx.org/en/docs/ngx_core_module.html
 events {
   worker_connections      4096;
 }