126 lines
4.6 KiB
Plaintext
126 lines
4.6 KiB
Plaintext
server {
|
|
listen 8080 default_server;
|
|
listen [::]:8080 default_server;
|
|
server_name "";
|
|
return 444;
|
|
}
|
|
|
|
server {
|
|
set $app_host $APP_HOST;
|
|
set $app_port $APP_PORT;
|
|
listen 8080;
|
|
server_name ${APP_HOST}${APP_PORT};
|
|
location / {
|
|
return 301 https://$host$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
set $app_host $APP_HOST;
|
|
set $app_port $APP_PORT;
|
|
listen 8081;
|
|
server_name ${APP_HOST}${APP_PORT};
|
|
proxy_pass_header Server;
|
|
|
|
# add_header X-XSS-Protection "1; mode=block" always;
|
|
# add_header X-Content-Type-Options nosniff;
|
|
# add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
|
|
# add_header Referrer-Policy 'strict-origin' always;
|
|
# add_header Feature-Policy "usb 'none'; xr-spatial-tracking 'none'" always;
|
|
# add_header Permissions-Policy "geolocation=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=()" always;
|
|
|
|
location / {
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# Fix the “It appears that your reverse proxy set up is broken" error.
|
|
proxy_pass http://opendmp.frontend:8080;
|
|
proxy_read_timeout 90;
|
|
proxy_redirect http://opendmp.frontend:8080 http://${APP_HOST}${APP_PORT};
|
|
}
|
|
|
|
location /api/ {
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# Fix the “It appears that your reverse proxy set up is broken" error.
|
|
proxy_pass http://opendmp.backend:8080;
|
|
proxy_read_timeout 90;
|
|
proxy_redirect http://opendmp.backend:8080 http://${APP_HOST}${APP_PORT}/api;
|
|
}
|
|
|
|
location /api/notification/ {
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# Fix the “It appears that your reverse proxy set up is broken" error.
|
|
proxy_pass http://opendmp.notification:8080;
|
|
proxy_read_timeout 90;
|
|
proxy_redirect http://opendmp.notification:8080 http://${APP_HOST}${APP_PORT}/api/notification;
|
|
}
|
|
|
|
location /api/annotation/ {
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# Fix the “It appears that your reverse proxy set up is broken" error.
|
|
proxy_pass http://opendmp.annotation:8080;
|
|
proxy_read_timeout 90;
|
|
proxy_redirect http://opendmp.annotation:8080 http://${APP_HOST}${APP_PORT}/api/annotation;
|
|
}
|
|
}
|
|
|
|
server {
|
|
set $ms_host $MS_HOST;
|
|
set $ms_port $MS_PORT;
|
|
listen 8080;
|
|
server_name ${MS_HOST}${MS_PORT};
|
|
location / {
|
|
return 301 https://$host$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
set $ms_host $MS_HOST;
|
|
set $ms_port $MS_PORT;
|
|
listen 8082;
|
|
server_name ${MS_HOST};
|
|
proxy_pass_header Server;
|
|
|
|
# add_header X-XSS-Protection "1; mode=block" always;
|
|
# add_header X-Content-Type-Options nosniff;
|
|
# add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
|
|
# add_header Referrer-Policy 'strict-origin' always;
|
|
# add_header Feature-Policy "usb 'none'; xr-spatial-tracking 'none'" always;
|
|
# add_header Permissions-Policy "geolocation=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=()" always;
|
|
|
|
location /keycloak/ {
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Forwarded-Port $server_port;
|
|
proxy_set_header X-Forwarded-Host $host;
|
|
proxy_set_header X-Forwarded-Server $host;
|
|
|
|
# Fix the “It appears that your reverse proxy set up is broken" error.
|
|
proxy_pass http://opendmp.keycloak:8080;
|
|
proxy_read_timeout 90;
|
|
|
|
proxy_redirect http://opendmp.keycloak:8080 http://${MS_HOST}${MS_PORT}/keycloak;
|
|
}
|
|
}
|