nginx.conf 4.06 KB
Newer Older
1 2 3 4 5
events {

}

http {
6
  include /etc/nginx/conf.d/upstreams.conf; # upstreams are the backend micro services
7 8 9 10 11 12 13 14 15 16 17 18 19 20
  include /etc/nginx/mime.types;
  default_type  application/octet-stream;

  log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"'
                      'to: $proxy_host $upstream_addr: $request upstream_response_time $upstream_response_time msec $msec request_time $request_time';

  access_log  /var/log/nginx/access.log main;
  sendfile        on;
  #tcp_nopush     on;
  keepalive_timeout  65;
  #gzip  on;

21
  #error_log /etc/nginx/error_log.log debug;
22 23 24 25 26
  error_log /etc/nginx/error_log.log warn;
  client_max_body_size 20m;

  proxy_cache_path /etc/nginx/cache keys_zone=one:500m max_size=1000m;

27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61
  map $http_origin $allow_origin {
    default "*";
    "~^https?://(somedomain\.xyz|localhost:8080)$" "$http_origin";
  }

  map $request_method $cors_method {
    default "allowed";
    "OPTIONS" "preflight";
  }

  map $cors_method $cors_max_age {
    default "";
    "preflight" 3600;
  }

  map $cors_method $cors_allow_methods {
    default "";
    "preflight" "GET, POST, OPTIONS";
  }

  map $cors_method $cors_allow_headers {
    default "";
    "preflight" "fiware-service,fiware-servicepath,Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since";
  }

  map $cors_method $cors_content_length {
    default $initial_content_length;
    "preflight" 0;
  }

  map $cors_method $cors_content_type {
    default $initial_content_type;
    "preflight" "text/plain charset=UTF-8";
  }

62
  server {
63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81
    server_name www.example.com "";

    add_header Access-Control-Allow-Origin $allow_origin;
    add_header Access-Control-Allow-Credentials 'true';
    add_header Access-Control-Max-Age $cors_max_age;
    add_header Access-Control-Allow-Methods $cors_allow_methods;
    add_header Access-Control-Allow-Headers $cors_allow_headers;

    set $initial_content_length $sent_http_content_length;
    add_header 'Content-Length' "";
    add_header 'Content-Length' $cors_content_length;

    set $initial_content_type $sent_http_content_type;
    add_header Content-Type "";
    add_header Content-Type $cors_content_type;

    if ($request_method = 'OPTIONS') {
      return 204;
    }
82

83
    
84
    location / {
85 86 87
      include conf.d/proxy_params.conf;
      proxy_pass http://naiades-hmi:80/; # see cond.d/upstreams
      proxy_redirect default;
88 89
    }

90 91 92 93 94 95
    location ^~ /watering/ {
      include conf.d/proxy_params.conf;
      proxy_pass http://WATERING_GUI/; # see cond.d/upstream
      proxy_redirect default;
    }

96

97
    location ^~ /context-api/ {
98 99 100 101
      include conf.d/proxy_params.conf;
      proxy_pass http://ORION/; # see cond.d/upstream
      #proxy_pass http://ORION_PEP/; # DEVELOPMENT ONLY!
      proxy_redirect default;
102 103
    }

104
    location ^~ /time-series-api/ {
105 106 107 108
      # DEVELOPMENT ONLY! auth is needed here!
      include conf.d/proxy_params.conf;
      proxy_pass http://QUANTUM/; # see cond.d/upstreams
      proxy_redirect default;
109 110 111 112 113 114 115 116 117 118
    }

    location ^~ /identity-api/ {
      include conf.d/proxy_params.conf;
      proxy_pass http://IDM/; # see cond.d/upstreams
      proxy_redirect default;
    }

    location ^~ /dca-carouge-watering-sensed-data {
      include conf.d/proxy_params.conf;
119
      proxy_pass http://DCA-CAROUGE-WATERING/dca-carouge-watering-sensed-data; # see cond.d/upstreams
120 121
      proxy_redirect default;
    }
122 123

    location ^~ /dca-carouge-fountain-sensed-data {
124 125
      #auth_basic "Restricted Area!";
      #auth_basic_user_file htpasswd/.htpasswd;
126 127 128 129 130 131 132
      include conf.d/proxy_params.conf;
      proxy_pass http://DCA-CAROUGE-FOUNTAIN/dca-carouge-fountain-sensed-data; # see cond.d/upstreams
      proxy_redirect default;
    }



133 134
  }

135
#    listen 80;
136 137 138 139
#    listen 443 ssl;
#    ssl_certificate /etc/letsencrypt/live/server2.your.domain/fullchain.pem;
#    ssl_certificate_key /etc/letsencrypt/live/server2.your.domain/privkey.pem;
#    include /etc/letsencrypt/options-ssl-nginx.conf;
140

141
}