Commit 58450701 authored by Federico Sismondi's avatar Federico Sismondi

Merge branch 'nginx_cors' into 'master'

Add CORS configs for nginx

See merge request !22
parents b5502224 e7683f56
...@@ -111,7 +111,7 @@ services: ...@@ -111,7 +111,7 @@ services:
- "${ORION_PORT}" - "${ORION_PORT}"
ports: ports:
- "${ORION_PORT}:${ORION_PORT}" - "${ORION_PORT}:${ORION_PORT}"
command: -corsOrigin __ALL -corsMaxAge 600 -dbhost mongo-db -logLevel WARN command: -dbhost mongo-db -logLevel WARN
healthcheck: healthcheck:
test: curl --fail -s http://orion:${ORION_PORT}/version || exit 1 test: curl --fail -s http://orion:${ORION_PORT}/version || exit 1
start_period: 40s start_period: 40s
......
...@@ -3,7 +3,7 @@ events { ...@@ -3,7 +3,7 @@ events {
} }
http { http {
include /etc/nginx/conf.d/*.conf; include /etc/nginx/conf.d/upstreams.conf; # upstreams are the backend micro services
include /etc/nginx/mime.types; include /etc/nginx/mime.types;
default_type application/octet-stream; default_type application/octet-stream;
...@@ -18,33 +18,88 @@ http { ...@@ -18,33 +18,88 @@ http {
keepalive_timeout 65; keepalive_timeout 65;
#gzip on; #gzip on;
#error_log /etc/nginx/error_log.log debug;
error_log /etc/nginx/error_log.log warn; error_log /etc/nginx/error_log.log warn;
client_max_body_size 20m; client_max_body_size 20m;
proxy_cache_path /etc/nginx/cache keys_zone=one:500m max_size=1000m; proxy_cache_path /etc/nginx/cache keys_zone=one:500m max_size=1000m;
map $http_origin $allow_origin {
default "*";
"~^https?://(somedomain\.xyz|localhost:8080)$" "$http_origin";
}
map $request_method $cors_method {
default "allowed";
"OPTIONS" "preflight";
}
map $cors_method $cors_max_age {
default "";
"preflight" 3600;
}
map $cors_method $cors_allow_methods {
default "";
"preflight" "GET, POST, OPTIONS";
}
map $cors_method $cors_allow_headers {
default "";
"preflight" "fiware-service,fiware-servicepath,Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since";
}
map $cors_method $cors_content_length {
default $initial_content_length;
"preflight" 0;
}
map $cors_method $cors_content_type {
default $initial_content_type;
"preflight" "text/plain charset=UTF-8";
}
server { server {
#server_name server1.your.domain server_name www.example.com "";
add_header Access-Control-Allow-Origin $allow_origin;
add_header Access-Control-Allow-Credentials 'true';
add_header Access-Control-Max-Age $cors_max_age;
add_header Access-Control-Allow-Methods $cors_allow_methods;
add_header Access-Control-Allow-Headers $cors_allow_headers;
set $initial_content_length $sent_http_content_length;
add_header 'Content-Length' "";
add_header 'Content-Length' $cors_content_length;
set $initial_content_type $sent_http_content_type;
add_header Content-Type "";
add_header Content-Type $cors_content_type;
if ($request_method = 'OPTIONS') {
return 204;
}
location / { location / {
include conf.d/proxy_params.conf; include conf.d/proxy_params.conf;
proxy_pass http://naiades-hmi:80/; # see cond.d/upstreams proxy_pass http://naiades-hmi:80/; # see cond.d/upstreams
proxy_redirect default; proxy_redirect default;
} }
location ^~ /context-api/ { location ^~ /context-api/ {
include conf.d/proxy_params.conf; include conf.d/proxy_params.conf;
proxy_pass http://ORION/; # see cond.d/upstream proxy_pass http://ORION/; # see cond.d/upstream
# proxy_pass http://ORION_PEP/; # DEVELOPMENT ONLY! #proxy_pass http://ORION_PEP/; # DEVELOPMENT ONLY!
proxy_redirect default; proxy_redirect default;
} }
location ^~ /time-series-api/ { location ^~ /time-series-api/ {
# DEVELOPMENT ONLY! auth is needed here! # DEVELOPMENT ONLY! auth is needed here!
include conf.d/proxy_params.conf; include conf.d/proxy_params.conf;
proxy_pass http://QUANTUM/; # see cond.d/upstreams proxy_pass http://QUANTUM/; # see cond.d/upstreams
proxy_redirect default; proxy_redirect default;
} }
location ^~ /identity-api/ { location ^~ /identity-api/ {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment