180 lines
6.0 KiB
Nginx Configuration File
180 lines
6.0 KiB
Nginx Configuration File
user nginx;
|
|
worker_processes auto;
|
|
error_log /var/log/nginx/error.log;
|
|
pid /run/nginx.pid;
|
|
|
|
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
|
|
include /usr/share/nginx/modules/*.conf;
|
|
|
|
events {
|
|
worker_connections 1024;
|
|
}
|
|
|
|
http {
|
|
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
|
'$status $body_bytes_sent "$http_referer" '
|
|
'"$http_user_agent" "$http_x_forwarded_for"';
|
|
|
|
# access_log /var/log/nginx/access.log main;
|
|
|
|
sendfile on;
|
|
tcp_nopush on;
|
|
tcp_nodelay on;
|
|
keepalive_timeout 65;
|
|
types_hash_max_size 2048;
|
|
add_header X-Frame-Options SAMEORIGIN always;
|
|
client_max_body_size 300m;
|
|
|
|
include /etc/nginx/mime.types;
|
|
default_type application/octet-stream;
|
|
|
|
# Load modular configuration files from the /etc/nginx/conf.d directory.
|
|
# See http://nginx.org/en/docs/ngx_core_module.html#include
|
|
# for more information.
|
|
include /etc/nginx/conf.d/*.conf;
|
|
|
|
upstream gateways {
|
|
least_conn;
|
|
server cmp-10-20-12-60:8000;
|
|
}
|
|
|
|
|
|
map $http_upgrade $connection_upgrade {
|
|
default upgrade;
|
|
'' close;
|
|
}
|
|
|
|
gzip on;
|
|
gzip_min_length 1k;
|
|
gzip_buffers 4 16k;
|
|
#gzip_http_version 1.0;
|
|
gzip_comp_level 7;
|
|
gzip_types text/plain application/javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
|
|
gzip_vary off;
|
|
gzip_disable "MSIE [1-6]\.";
|
|
server {
|
|
listen 60006 ssl;
|
|
server_name localhost;
|
|
root /opt/cmp/consoles/cmc-web/;
|
|
ssl_certificate /etc/nginx/bocloud.crt;
|
|
ssl_certificate_key /etc/nginx/bocloud.key;
|
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
|
ssl_ciphers HIGH:!aNULL:!MD5;
|
|
keepalive_timeout 60;
|
|
error_page 497 400 404 500 /web-common-resource/errors/400.html;
|
|
|
|
location / {
|
|
index index.html index.htm;
|
|
try_files $uri $uri/ /index.html;
|
|
}
|
|
location ~^/(sub-app|plugins)/([\w-]+)/ {
|
|
add_header Access-Control-Allow-Origin *;
|
|
add_header Access-Control-Allow-Methods *;
|
|
add_header Access-Control-Allow-Headers *;
|
|
index index.html index.htm;
|
|
try_files $uri $uri/ /$1/$2//index.html;
|
|
}
|
|
location /web-common-resource {
|
|
add_header Access-Control-Allow-Origin *;
|
|
add_header Access-Control-Allow-Methods *;
|
|
add_header Access-Control-Allow-Headers *;
|
|
alias /opt/cmp/consoles/com-web/;
|
|
}
|
|
location /api/terminal {
|
|
proxy_pass https://$arg_real_host;
|
|
proxy_connect_timeout 60;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_pass_header X-XSRF-TOKEN;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real_IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
|
|
proxy_set_header Connection "upgrade";
|
|
rewrite "^/api/terminal/(.*)$" /$1 break;
|
|
}
|
|
location /api {
|
|
proxy_pass http://gateways;
|
|
proxy_connect_timeout 60;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_pass_header X-XSRF-TOKEN;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real_IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
|
|
proxy_set_header Connection "upgrade";
|
|
}
|
|
location ~^/(attachment|config-files) {
|
|
root /home/cmp/;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 60008 ssl;
|
|
server_name localhost;
|
|
root /opt/cmp/consoles/csc-web/;
|
|
ssl_certificate /etc/nginx/bocloud.crt;
|
|
ssl_certificate_key /etc/nginx/bocloud.key;
|
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
|
ssl_ciphers HIGH:!aNULL:!MD5;
|
|
keepalive_timeout 60;
|
|
error_page 497 400 404 500 /web-common-resource/errors/400.html;
|
|
|
|
location / {
|
|
index index.html index.htm;
|
|
try_files $uri $uri/ /index.html;
|
|
}
|
|
location /api {
|
|
proxy_pass http://gateways;
|
|
proxy_connect_timeout 60;
|
|
proxy_http_version 1.1;
|
|
proxy_pass_header X-XSRF-TOKEN;
|
|
proxy_redirect http:// https://;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header X-Forwarded-Proto https;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real_IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
|
|
proxy_set_header Connection "upgrade";
|
|
}
|
|
location ~^/(sub-app|plugins)/([\w-]+)/ {
|
|
add_header Access-Control-Allow-Origin *;
|
|
add_header Access-Control-Allow-Methods *;
|
|
add_header Access-Control-Allow-Headers *;
|
|
index index.html index.htm;
|
|
try_files $uri $uri/ /$1/$2/index.html;
|
|
}
|
|
location /web-common-resource {
|
|
alias /opt/cmp/consoles/com-web/;
|
|
}
|
|
location /api/terminal {
|
|
proxy_pass https://$arg_real_host;
|
|
proxy_connect_timeout 60;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_pass_header X-XSRF-TOKEN;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real_IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
|
|
proxy_set_header Connection "upgrade";
|
|
rewrite "^/api/terminal/(.*)$" /$1 break;
|
|
}
|
|
location ~^/(attachment|config-files) {
|
|
root /home/cmp/;
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
stream {
|
|
upstream mon {
|
|
least_conn;
|
|
server cmp-10-20-12-60:162;
|
|
}
|
|
server {
|
|
listen 1162 udp reuseport;
|
|
proxy_pass mon;
|
|
proxy_timeout 1m;
|
|
proxy_connect_timeout 60s;
|
|
}
|
|
}
|