self/infra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add guavo

Browse Source
This commit is contained in:
Administrator 2024-01-08 17:52:36 +03:00
parent 7311a9a38a
commit b694803cca
4 changed files with 176 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nginx/nginx-dev/Dockerfile
View File

@ -1,4 +1,4 @@
FROM nginx
COPY ./nginx-dev.conf /etc/nginx/nginx.conf
COPY ./config /etc/nginx
COPY ./privkey.pem /etc/nginx/privkey.pem
COPY ./fullchain.pem /etc/nginx/fullchain.pem

173
nginx/nginx-dev/config/guavo.conf Normal file
View File

@ -0,0 +1,173 @@
events {}
http {
client_max_body_size 50m;
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
# server {
# listen 80;
# server_name *.develop.guavo.tech;
# return 301 https://$host$request_uri;
# }
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name swarmpit.develop.guavo.tech;
ssl_certificate /etc/nginx/fullchain.pem;
ssl_certificate_key /etc/nginx/privkey.pem;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-refferer-when-downgrade" always;
add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
location / {
proxy_pass http://develop.guavo.tech:888/;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name portainer.develop.guavo.tech;
ssl_certificate /etc/nginx/fullchain.pem;
ssl_certificate_key /etc/nginx/privkey.pem;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-refferer-when-downgrade" always;
add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
location / {
proxy_pass http://develop.guavo.tech:8888/;
}
location /api/websocket/ {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_pass http://develop.guavo.tech:8888/api/websocket/;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name rabbitmq.develop.guavo.tech;
ssl_certificate /etc/nginx/fullchain.pem;
ssl_certificate_key /etc/nginx/privkey.pem;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-refferer-when-downgrade" always;
add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
location / {
proxy_pass http://develop.guavo.tech:15672/;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name minio.develop.guavo.tech;
ssl_certificate /etc/nginx/fullchain.pem;
ssl_certificate_key /etc/nginx/privkey.pem;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-refferer-when-downgrade" always;
add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
location / {
proxy_pass http://develop.guavo.tech:9001/;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name grafana.develop.guavo.tech;
ssl_certificate /etc/nginx/fullchain.pem;
ssl_certificate_key /etc/nginx/privkey.pem;
proxy_set_header Host $http_host;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-refferer-when-downgrade" always;
add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
location / {
proxy_pass http://develop.guavo.tech:3000/;
}
location /api/live/ws {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_pass http://develop.guavo.tech:3000/api/live/ws;
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ~^(?<domain>.*)\.develop\.guavo\.tech$;
resolver 127.0.0.11 ipv6=off;
ssl_certificate /etc/nginx/fullchain.pem;
ssl_certificate_key /etc/nginx/privkey.pem;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-refferer-when-downgrade" always;
add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
location / {
proxy_pass http://$domain-nginx:1238$request_uri;
}
}
server {
listen 80;
server_name ~^(?<domain>.*)\.develop\.guavo\.tech$;
resolver 127.0.0.11 ipv6=off;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-refferer-when-downgrade" always;
add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Real-IP $remote_addr;
location / {
proxy_pass http://$domain-nginx:1238$request_uri;
}
}
}

2
nginx/nginx-dev/config/nginx.conf Normal file
View File

@ -0,0 +1,2 @@
include ./guavo.conf;
include ./sprinthub.conf;

0
nginx/nginx-dev/nginx-dev.conf → nginx/nginx-dev/config/sprinthub.conf
View File