hatestheinternet
post image is here by allegralchaple0

Nginx Drupal Content Host

Thanks to the way Nginx goes about its business, defining a zero-knowledge content host for a Drupal multi-site installation is actually pretty simple. I should point out that I never used this in my dev environment and all my sites are served off the apex domain (ie hatestheinternet.com), so you'll definitely need to tweak a few things if you don't roll the same way.

Since we use the same regular expression powered server_name as static which gives us a nice $domain variable, the opening bits of our content config is slightly different:

    location / {
        root /var/www/html/sites/$domain/files;

        add_header 'Access-Control-Allow-Origin' $scheme://$domain;
        add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS';
        add_header 'Cache-Control' 'Public';
        expires 1y;

Since we have the domain handy and Nginx lets us, we dynamically point our document root to the files/ directory for whatever domain it is we're supposed to be serving and set some CORS headers, just in case we ever upload a font or JSON file or something.

    location ~^/styles/.*\.(jpe?g|png|gif)$ {
        try_files $uri @itokredir;
    }

    try_files $uri =404;
}

The location block checks for files missing under styles/ and redirects them back to Drupal to do something awesome. If it's not under styles and doesn't exist, we're pretty much done. Content really doesn't do anything fancy at all.

    location @itokredir {
        return 307 $scheme://$domain/sites/$domain/files$uri?$args;
}

This redirect is where the magic happens: Above, we check to see if an image rendition exists and, if it doesn't, we hit this location which redirects back to the apex host beacuse Drupal is awesome and generates derivatives on demand.

So that's it, really. As advertised, pretty much the same as static, only with a slightly different redirect. This is also just the bare bones of what you need because I figure there's no point wasting space in adding stuff like dot-file protection everybody has in their stuff anyways. Right?