148 lines
5.8 KiB
Plaintext
148 lines
5.8 KiB
Plaintext
server {
|
|
listen 8080 default_server;
|
|
listen [::]:8080 default_server;
|
|
server_name "";
|
|
return 444;
|
|
}
|
|
|
|
server {
|
|
listen 8080;
|
|
server_name ${APP_HOST}${APP_PORT};
|
|
location / {
|
|
return 301 https://$host$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 8081 ssl;
|
|
ssl_certificate /certifcates/cert.crt;
|
|
ssl_certificate_key /certifcates/key.key;
|
|
server_name ${APP_HOST}${APP_PORT};
|
|
proxy_pass_header Server;
|
|
|
|
add_header X-XSS-Protection "1; mode=block" always;
|
|
add_header X-Content-Type-Options nosniff;
|
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
|
|
add_header Referrer-Policy 'strict-origin' always;
|
|
add_header Feature-Policy "usb 'none'; xr-spatial-tracking 'none'" always;
|
|
add_header Permissions-Policy "geolocation=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=()" always;
|
|
|
|
location / {
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# Fix the “It appears that your reverse proxy set up is broken" error.
|
|
proxy_pass http://opendmp.frontend:8080;
|
|
proxy_read_timeout 90;
|
|
proxy_redirect http://opendmp.frontend:8080 https://${APP_HOST}${APP_PORT};
|
|
}
|
|
|
|
location /api/ {
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# Fix the “It appears that your reverse proxy set up is broken" error.
|
|
proxy_pass http://opendmp.backend:8080;
|
|
proxy_read_timeout 90;
|
|
proxy_redirect http://opendmp.backend:8080 https://${APP_HOST}${APP_PORT}/api;
|
|
}
|
|
|
|
location /api/notification/ {
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# Fix the “It appears that your reverse proxy set up is broken" error.
|
|
proxy_pass http://opendmp.notification:8080;
|
|
proxy_read_timeout 90;
|
|
proxy_redirect http://opendmp.notification:8080 https://${APP_HOST}${APP_PORT}/api/notification;
|
|
}
|
|
|
|
location /api/annotation/ {
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
# Fix the “It appears that your reverse proxy set up is broken" error.
|
|
proxy_pass http://opendmp.annotation:8080;
|
|
proxy_read_timeout 90;
|
|
proxy_redirect http://opendmp.annotation:8080 https://${APP_HOST}${APP_PORT}/api/annotation;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 8082 ssl;
|
|
ssl_certificate /certifcates/cert.crt;
|
|
ssl_certificate_key /certifcates/key.key;
|
|
server_name ${MS_HOST};
|
|
proxy_pass_header Server;
|
|
|
|
add_header X-XSS-Protection "1; mode=block" always;
|
|
add_header X-Content-Type-Options nosniff;
|
|
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
|
|
add_header Referrer-Policy 'strict-origin' always;
|
|
add_header Feature-Policy "usb 'none'; xr-spatial-tracking 'none'" always;
|
|
add_header Permissions-Policy "geolocation=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=()" always;
|
|
|
|
location /keycloak/ {
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Forwarded-Port $server_port;
|
|
proxy_set_header X-Forwarded-Host $host;
|
|
proxy_set_header X-Forwarded-Server $host;
|
|
|
|
# Fix the “It appears that your reverse proxy set up is broken" error.
|
|
proxy_pass https://opendmp.keycloak:8443;
|
|
proxy_read_timeout 90;
|
|
|
|
proxy_redirect http://opendmp.keycloak:8443 https://${MS_HOST}${MS_PORT}/keycloak;
|
|
}
|
|
|
|
location /rabbitmq/ {
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Forwarded-Port $server_port;
|
|
proxy_set_header X-Forwarded-Host $host;
|
|
proxy_set_header X-Forwarded-Server $host;
|
|
|
|
# Fix the “It appears that your reverse proxy set up is broken" error.
|
|
proxy_pass https://opendmp.rabbitmq:15672;
|
|
proxy_read_timeout 90;
|
|
|
|
proxy_redirect http://opendmp.rabbitmq:15672 https://${MS_HOST}${MS_PORT}/rabbitmq;
|
|
}
|
|
|
|
location /elastic/ {
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Forwarded-Port $server_port;
|
|
proxy_set_header X-Forwarded-Host $host;
|
|
proxy_set_header X-Forwarded-Server $host;
|
|
|
|
# Fix the “It appears that your reverse proxy set up is broken" error.
|
|
proxy_pass https://opendmp.kibana:5601;
|
|
proxy_read_timeout 90;
|
|
|
|
proxy_redirect http://opendmp.kibana:5601 https://${MS_HOST}${MS_PORT}/elastic;
|
|
}
|
|
}
|