From 00f4d29e912b608d5023996a0ebb6d049c23f83f Mon Sep 17 00:00:00 2001
From: Administrator <admin@example.com>
Date: Sat, 17 Sep 2022 19:46:04 +0300
Subject: [PATCH] exchange

---
 .deploy-infra/deploy-dev.yaml    |  2 ++
 .deploy-infra/deploy-prod.yaml   |  2 ++
 nginx/nginx-dev/nginx-dev.conf   | 19 +++++++++++++++++++
 nginx/nginx-prod/nginx-prod.conf | 19 +++++++++++++++++++
 4 files changed, 42 insertions(+)

diff --git a/.deploy-infra/deploy-dev.yaml b/.deploy-infra/deploy-dev.yaml
index c87cf43..47a6e83 100644
--- a/.deploy-infra/deploy-dev.yaml
+++ b/.deploy-infra/deploy-dev.yaml
@@ -117,6 +117,8 @@ networks:
     driver: overlay
   battleship-nginx:
     external: true
+  exchange-nginx:
+    external: true
   sprint-nginx:
     external: true
   swarmpit-nginx:
diff --git a/.deploy-infra/deploy-prod.yaml b/.deploy-infra/deploy-prod.yaml
index bbad60d..43f3f65 100644
--- a/.deploy-infra/deploy-prod.yaml
+++ b/.deploy-infra/deploy-prod.yaml
@@ -117,6 +117,8 @@ networks:
     driver: overlay
   battleship-nginx:
     external: true
+  exchange-nginx:
+    external: true
   sprint-nginx:
     external: true
   swarmpit-nginx:
diff --git a/nginx/nginx-dev/nginx-dev.conf b/nginx/nginx-dev/nginx-dev.conf
index 7d8185a..c7c89d1 100644
--- a/nginx/nginx-dev/nginx-dev.conf
+++ b/nginx/nginx-dev/nginx-dev.conf
@@ -104,4 +104,23 @@ http {
         }
     }
 
+    server {
+        listen      443 ssl http2;
+        listen      [::]:443 ssl http2;
+        server_name dev.develop.sprinthub.ru;
+
+        ssl_certificate     /etc/nginx/fullchain.pem;
+        ssl_certificate_key /etc/nginx/privkey.pem;
+
+        add_header X-Frame-Options "SAMEORIGIN" always;
+        add_header X-XSS-Protection "1; mode=block" always;
+        add_header X-Content-Type-Options "nosniff" always;
+        add_header Referrer-Policy "no-refferer-when-downgrade" always;
+        add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
+
+        location / {
+            proxy_pass http://exchange-nginx:1237/;
+        }
+    }
+
 }
\ No newline at end of file
diff --git a/nginx/nginx-prod/nginx-prod.conf b/nginx/nginx-prod/nginx-prod.conf
index 4545a44..e2732ba 100644
--- a/nginx/nginx-prod/nginx-prod.conf
+++ b/nginx/nginx-prod/nginx-prod.conf
@@ -132,4 +132,23 @@ http {
         }
     }
 
+    server {
+        listen      443 ssl http2;
+        listen      [::]:443 ssl http2;
+        server_name dev.sprinthub.ru;
+
+        ssl_certificate     /etc/nginx/fullchain.pem;
+        ssl_certificate_key /etc/nginx/privkey.pem;
+
+        add_header X-Frame-Options "SAMEORIGIN" always;
+        add_header X-XSS-Protection "1; mode=block" always;
+        add_header X-Content-Type-Options "nosniff" always;
+        add_header Referrer-Policy "no-refferer-when-downgrade" always;
+        add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
+
+        location / {
+            proxy_pass http://exchange-nginx:1237/;
+        }
+    }
+
 }
\ No newline at end of file