infra/nginx/nginx-dev/nginx-dev.conf

events {}

http {
    client_max_body_size 50m;
    resolver 127.0.0.11 ipv6=off;

    map $http_upgrade $connection_upgrade {
        default upgrade;
        '' close;
    }

    server {
        listen 80;
        server_name *.develop.sprinthub.ru;
        return 301 https://$host$request_uri;
    }

    server {
        listen      443 ssl http2;
        listen      [::]:443 ssl http2;
        server_name swarmpit.develop.sprinthub.ru;

        ssl_certificate     /etc/nginx/fullchain.pem;
        ssl_certificate_key /etc/nginx/privkey.pem;

        add_header X-Frame-Options "SAMEORIGIN" always;
        add_header X-XSS-Protection "1; mode=block" always;
        add_header X-Content-Type-Options "nosniff" always;
        add_header Referrer-Policy "no-refferer-when-downgrade" always;
        add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;

        location / {
            proxy_pass http://develop.sprinthub.ru:888/;
        }
    }

    server {
        listen      443 ssl http2;
        listen      [::]:443 ssl http2;
        server_name portainer.develop.sprinthub.ru;

        ssl_certificate     /etc/nginx/fullchain.pem;
        ssl_certificate_key /etc/nginx/privkey.pem;

        add_header X-Frame-Options "SAMEORIGIN" always;
        add_header X-XSS-Protection "1; mode=block" always;
        add_header X-Content-Type-Options "nosniff" always;
        add_header Referrer-Policy "no-refferer-when-downgrade" always;
        add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;

        location / {
            proxy_pass http://develop.sprinthub.ru:8888/;
        }

        location /api/websocket/ {
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection $connection_upgrade;
            proxy_set_header Host $host;
            proxy_pass http://develop.sprinthub.ru:8888/api/websocket/;
        }
    }

    server {
        listen      443 ssl http2;
        listen      [::]:443 ssl http2;
        server_name rabbitmq.develop.sprinthub.ru;

        ssl_certificate     /etc/nginx/fullchain.pem;
        ssl_certificate_key /etc/nginx/privkey.pem;

        add_header X-Frame-Options "SAMEORIGIN" always;
        add_header X-XSS-Protection "1; mode=block" always;
        add_header X-Content-Type-Options "nosniff" always;
        add_header Referrer-Policy "no-refferer-when-downgrade" always;
        add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;

        location / {
            proxy_pass http://develop.sprinthub.ru:15672/;
        }
    }

    server {
        listen      443 ssl http2;
        listen      [::]:443 ssl http2;
        server_name minio.develop.sprinthub.ru;

        ssl_certificate     /etc/nginx/fullchain.pem;
        ssl_certificate_key /etc/nginx/privkey.pem;

        add_header X-Frame-Options "SAMEORIGIN" always;
        add_header X-XSS-Protection "1; mode=block" always;
        add_header X-Content-Type-Options "nosniff" always;
        add_header Referrer-Policy "no-refferer-when-downgrade" always;
        add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;

        location / {
            proxy_pass http://develop.sprinthub.ru:9001/;
        }
    }

    server {
        listen      443 ssl http2;
        listen      [::]:443 ssl http2;
        server_name grafana.develop.sprinthub.ru;

        ssl_certificate     /etc/nginx/fullchain.pem;
        ssl_certificate_key /etc/nginx/privkey.pem;

        proxy_set_header Host $http_host;
        add_header X-Frame-Options "SAMEORIGIN" always;
        add_header X-XSS-Protection "1; mode=block" always;
        add_header X-Content-Type-Options "nosniff" always;
        add_header Referrer-Policy "no-refferer-when-downgrade" always;
        add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;

        location / {
            proxy_pass http://develop.sprinthub.ru:3000/;
        }

        location /api/live/ws {
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection $connection_upgrade;
            proxy_set_header Host $host;
            proxy_pass http://develop.sprinthub.ru:3000/api/live/ws;
        }
    }

    server {
        listen      443 ssl http2;
        listen      [::]:443 ssl http2;
        server_name ~^(?<domain>\w+)\.develop\.sprinthub\.ru$;

        ssl_certificate     /etc/nginx/fullchain.pem;
        ssl_certificate_key /etc/nginx/privkey.pem;

        add_header X-Frame-Options "SAMEORIGIN" always;
        add_header X-XSS-Protection "1; mode=block" always;
        add_header X-Content-Type-Options "nosniff" always;
        add_header Referrer-Policy "no-refferer-when-downgrade" always;
        add_header Content-Security-Policy "default-src * data: 'unsafe-eval' 'unsafe-inline'" always;

        location / {
            proxy_pass http://$domain-nginx:1238/;
        }
    }

}