From be47e07659dfc284168f5a1ab66d8efeba965224 Mon Sep 17 00:00:00 2001 From: Yasien Mac Mini Date: Fri, 16 May 2025 00:04:27 +0200 Subject: [PATCH] nginx --- nginx/nginx.conf | 444 +++++++++++++++++++++++------------------------ 1 file changed, 222 insertions(+), 222 deletions(-) diff --git a/nginx/nginx.conf b/nginx/nginx.conf index 9f2734d5..98e50e51 100644 --- a/nginx/nginx.conf +++ b/nginx/nginx.conf @@ -28,162 +28,162 @@ http { server_name app.mzansi-innovation-hub.co.za; - # #Web App - # location / { - # proxy_pass http://MIH-UX:83/; - # } - - # location ~ /.well-known/acme-challenge/ { - # root /var/www/certbot; - # } - - return 301 https://app.mzansi-innovation-hub.co.za$request_uri; - } - - server { - listen 443 ssl; - http2 on; - # use the certificates - ssl_certificate /etc/letsencrypt/live/app.mzansi-innovation-hub.co.za/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/app.mzansi-innovation-hub.co.za/privkey.pem; - server_name app.mzansi-innovation-hub.co.za; - root /var/www/html; - index index.php index.html index.htm; - - # To allow special characters in headers - ignore_invalid_headers off; - # Allow any size file to be uploaded. - # Set to a value such as 1000m; to restrict file size to a specific value - client_max_body_size 0; - # To disable buffering - proxy_buffering off; - proxy_request_buffering off; - - # Web App + #Web App location / { proxy_pass http://MIH-UX:83/; } location ~ /.well-known/acme-challenge/ { root /var/www/certbot; - } + } + + # return 301 https://app.mzansi-innovation-hub.co.za$request_uri; } + # server { + # listen 443 ssl; + # http2 on; + # # use the certificates + # ssl_certificate /etc/letsencrypt/live/app.mzansi-innovation-hub.co.za/fullchain.pem; + # ssl_certificate_key /etc/letsencrypt/live/app.mzansi-innovation-hub.co.za/privkey.pem; + # server_name app.mzansi-innovation-hub.co.za; + # root /var/www/html; + # index index.php index.html index.htm; + + # # To allow special characters in headers + # ignore_invalid_headers off; + # # Allow any size file to be uploaded. + # # Set to a value such as 1000m; to restrict file size to a specific value + # client_max_body_size 0; + # # To disable buffering + # proxy_buffering off; + # proxy_request_buffering off; + + # # Web App + # location / { + # proxy_pass http://MIH-UX:83/; + # } + + # location ~ /.well-known/acme-challenge/ { + # root /var/www/certbot; + # } + # } + #================API Server================ server { listen 80; server_name api.mzansi-innovation-hub.co.za; - # # #Web App - # location / { - # proxy_pass http://MIH-API-Hub:8080/; - # } - - # location ~ /.well-known/acme-challenge/ { - # root /var/www/certbot; - # } - - return 301 https://api.mzansi-innovation-hub.co.za$request_uri; - } - - server { - listen 443 ssl; - http2 on; - # use the certificates - ssl_certificate /etc/letsencrypt/live/app.mzansi-innovation-hub.co.za/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/app.mzansi-innovation-hub.co.za/privkey.pem; - server_name api.mzansi-innovation-hub.co.za; - root /var/www/html; - index index.php index.html index.htm; - - # To allow special characters in headers - ignore_invalid_headers off; - # Allow any size file to be uploaded. - # Set to a value such as 1000m; to restrict file size to a specific value - client_max_body_size 0; - # To disable buffering - proxy_buffering off; - proxy_request_buffering off; - - # Web Api + #Fast API location / { - proxy_pass http://MIH-API-Hub:80/; + proxy_pass http://MIH-API-Hub:8080/; } location ~ /.well-known/acme-challenge/ { root /var/www/certbot; } + + # return 301 https://api.mzansi-innovation-hub.co.za$request_uri; } + # server { + # listen 443 ssl; + # http2 on; + # # use the certificates + # ssl_certificate /etc/letsencrypt/live/app.mzansi-innovation-hub.co.za/fullchain.pem; + # ssl_certificate_key /etc/letsencrypt/live/app.mzansi-innovation-hub.co.za/privkey.pem; + # server_name api.mzansi-innovation-hub.co.za; + # root /var/www/html; + # index index.php index.html index.htm; + + # # To allow special characters in headers + # ignore_invalid_headers off; + # # Allow any size file to be uploaded. + # # Set to a value such as 1000m; to restrict file size to a specific value + # client_max_body_size 0; + # # To disable buffering + # proxy_buffering off; + # proxy_request_buffering off; + + # # Web Api + # location / { + # proxy_pass http://MIH-API-Hub:80/; + # } + + # location ~ /.well-known/acme-challenge/ { + # root /var/www/certbot; + # } + # } + #================AI Server================ server { listen 80; server_name ai.mzansi-innovation-hub.co.za; - # # #Web App - # location / { - # proxy_pass http://MIH-API-Hub:8080/; - # } - - # location ~ /.well-known/acme-challenge/ { - # root /var/www/certbot; - # } - - return 301 https://ai.mzansi-innovation-hub.co.za$request_uri; - } - - server { - listen 443 ssl; - http2 on; - # use the certificates - ssl_certificate /etc/letsencrypt/live/app.mzansi-innovation-hub.co.za/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/app.mzansi-innovation-hub.co.za/privkey.pem; - server_name ai.mzansi-innovation-hub.co.za; - root /var/www/html; - index index.php index.html index.htm; - - # To allow special characters in headers - ignore_invalid_headers off; - # Allow any size file to be uploaded. - # Set to a value such as 1000m; to restrict file size to a specific value - client_max_body_size 0; - # To disable buffering - proxy_buffering off; - proxy_request_buffering off; - - # Web Api + # #Web App location / { - # Handle preflight OPTIONS requests - # if ($request_method = OPTIONS ) { - # # Add CORS headers for preflight request - # add_header 'Access-Control-Allow-Origin' 'https://app.mzansi-innovation-hub.co.za' always; - # # add_header 'Access-Control-Allow-Credentials' 'true' always; - # add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; - # add_header 'Access-Control-Allow-Headers' '*'; - # add_header 'Access-Control-Max-Age' 1728000; - # return 204; - # } - - # add_header 'Access-Control-Allow-Origin' 'https://app.mzansi-innovation-hub.co.za' always; - # # add_header 'Access-Control-Allow-Credentials' 'true' always; - # # add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always - # add_header 'Access-Control-Allow-Headers' '*'; - - - proxy_pass http://MIH-AI:11434/; - # proxy_set_header Host $host; - # proxy_set_header X-Real-IP $remote_addr; - # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - # proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://MIH-API-Hub:8080/; } location ~ /.well-known/acme-challenge/ { root /var/www/certbot; } + + # return 301 https://ai.mzansi-innovation-hub.co.za$request_uri; } + # server { + # listen 443 ssl; + # http2 on; + # # use the certificates + # ssl_certificate /etc/letsencrypt/live/app.mzansi-innovation-hub.co.za/fullchain.pem; + # ssl_certificate_key /etc/letsencrypt/live/app.mzansi-innovation-hub.co.za/privkey.pem; + # server_name ai.mzansi-innovation-hub.co.za; + # root /var/www/html; + # index index.php index.html index.htm; + + # # To allow special characters in headers + # ignore_invalid_headers off; + # # Allow any size file to be uploaded. + # # Set to a value such as 1000m; to restrict file size to a specific value + # client_max_body_size 0; + # # To disable buffering + # proxy_buffering off; + # proxy_request_buffering off; + + # # Web Api + # location / { + # # Handle preflight OPTIONS requests + # # if ($request_method = OPTIONS ) { + # # # Add CORS headers for preflight request + # # add_header 'Access-Control-Allow-Origin' 'https://app.mzansi-innovation-hub.co.za' always; + # # # add_header 'Access-Control-Allow-Credentials' 'true' always; + # # add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; + # # add_header 'Access-Control-Allow-Headers' '*'; + # # add_header 'Access-Control-Max-Age' 1728000; + # # return 204; + # # } + + # # add_header 'Access-Control-Allow-Origin' 'https://app.mzansi-innovation-hub.co.za' always; + # # # add_header 'Access-Control-Allow-Credentials' 'true' always; + # # # add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always + # # add_header 'Access-Control-Allow-Headers' '*'; + + + # proxy_pass http://MIH-AI:11434/; + # # proxy_set_header Host $host; + # # proxy_set_header X-Real-IP $remote_addr; + # # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + # # proxy_set_header X-Forwarded-Proto $scheme; + # } + + # location ~ /.well-known/acme-challenge/ { + # root /var/www/certbot; + # } + # } + #================Monitor Server================ server { @@ -191,38 +191,7 @@ http { server_name monitor.mzansi-innovation-hub.co.za; - # # #Web App - # location / { - # proxy_pass http://MIH-Monitor:9443/; - # } - - # location ~ /.well-known/acme-challenge/ { - # root /var/www/certbot; - # } - - return 301 https://monitor.mzansi-innovation-hub.co.za$request_uri; - } - - server { - listen 443 ssl; - http2 on; - # use the certificates - ssl_certificate /etc/letsencrypt/live/app.mzansi-innovation-hub.co.za/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/app.mzansi-innovation-hub.co.za/privkey.pem; - server_name monitor.mzansi-innovation-hub.co.za; - root /var/www/html; - index index.php index.html index.htm; - - # To allow special characters in headers - ignore_invalid_headers off; - # Allow any size file to be uploaded. - # Set to a value such as 1000m; to restrict file size to a specific value - client_max_body_size 0; - # To disable buffering - proxy_buffering off; - proxy_request_buffering off; - - # Web Api + # #Web App location / { proxy_pass http://MIH-Monitor:9443/; } @@ -230,89 +199,120 @@ http { location ~ /.well-known/acme-challenge/ { root /var/www/certbot; } + + # return 301 https://monitor.mzansi-innovation-hub.co.za$request_uri; } + # server { + # listen 443 ssl; + # http2 on; + # # use the certificates + # ssl_certificate /etc/letsencrypt/live/app.mzansi-innovation-hub.co.za/fullchain.pem; + # ssl_certificate_key /etc/letsencrypt/live/app.mzansi-innovation-hub.co.za/privkey.pem; + # server_name monitor.mzansi-innovation-hub.co.za; + # root /var/www/html; + # index index.php index.html index.htm; + + # # To allow special characters in headers + # ignore_invalid_headers off; + # # Allow any size file to be uploaded. + # # Set to a value such as 1000m; to restrict file size to a specific value + # client_max_body_size 0; + # # To disable buffering + # proxy_buffering off; + # proxy_request_buffering off; + + # # Web Api + # location / { + # proxy_pass http://MIH-Monitor:9443/; + # } + + # location ~ /.well-known/acme-challenge/ { + # root /var/www/certbot; + # } + # } + #================File Server================ server { listen 80; server_name minio.mzansi-innovation-hub.co.za; - # #Web App - # location / { - # proxy_pass https://minioAPI; - # } - - # location ~ /.well-known/acme-challenge/ { - # root /var/www/certbot; - # } - - return 301 https://minio.mzansi-innovation-hub.co.za$request_uri; - } - - server { - listen 443 ssl; - http2 on; - # use the certificates - ssl_certificate /etc/letsencrypt/live/app.mzansi-innovation-hub.co.za/fullchain.pem; - ssl_certificate_key /etc/letsencrypt/live/app.mzansi-innovation-hub.co.za/privkey.pem; - server_name minio.mzansi-innovation-hub.co.za; - root /var/www/html; - index index.php index.html index.htm; - - # To allow special characters in headers - ignore_invalid_headers off; - # Allow any size file to be uploaded. - # Set to a value such as 1000m; to restrict file size to a specific value - client_max_body_size 0; - # To disable buffering - proxy_buffering off; - proxy_request_buffering off; - - + #Web App location / { - proxy_set_header Host $http_host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - proxy_connect_timeout 300; - # Default is HTTP/1, keepalive is only enabled in HTTP/1.1 - proxy_http_version 1.1; - proxy_set_header Connection ""; - chunked_transfer_encoding off; - - proxy_pass http://MIH-Minio:9000; # This uses the upstream directive definition to load balance - } - - location /minio/ui/ { - rewrite ^/minio/ui/(.*) /$1 break; - proxy_set_header Host $http_host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_set_header X-NginX-Proxy true; - - # This is necessary to pass the correct IP to be hashed - real_ip_header X-Real-IP; - - proxy_connect_timeout 300; - - # To support websockets in MinIO versions released after January 2023 - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - # Some environments may encounter CORS errors (Kubernetes + Nginx Ingress) - # Uncomment the following line to set the Origin request to an empty string - proxy_set_header Origin ''; - - chunked_transfer_encoding off; - - proxy_pass http://MIH-Minio:9001; # This uses the upstream directive definition to load balance + proxy_pass https://minioAPI; } location ~ /.well-known/acme-challenge/ { root /var/www/certbot; } + + # return 301 https://minio.mzansi-innovation-hub.co.za$request_uri; } + + # server { + # listen 443 ssl; + # http2 on; + # # use the certificates + # ssl_certificate /etc/letsencrypt/live/app.mzansi-innovation-hub.co.za/fullchain.pem; + # ssl_certificate_key /etc/letsencrypt/live/app.mzansi-innovation-hub.co.za/privkey.pem; + # server_name minio.mzansi-innovation-hub.co.za; + # root /var/www/html; + # index index.php index.html index.htm; + + # # To allow special characters in headers + # ignore_invalid_headers off; + # # Allow any size file to be uploaded. + # # Set to a value such as 1000m; to restrict file size to a specific value + # client_max_body_size 0; + # # To disable buffering + # proxy_buffering off; + # proxy_request_buffering off; + + + # location / { + # proxy_set_header Host $http_host; + # proxy_set_header X-Real-IP $remote_addr; + # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + # proxy_set_header X-Forwarded-Proto $scheme; + + # proxy_connect_timeout 300; + # # Default is HTTP/1, keepalive is only enabled in HTTP/1.1 + # proxy_http_version 1.1; + # proxy_set_header Connection ""; + # chunked_transfer_encoding off; + + # proxy_pass http://MIH-Minio:9000; # This uses the upstream directive definition to load balance + # } + + # location /minio/ui/ { + # rewrite ^/minio/ui/(.*) /$1 break; + # proxy_set_header Host $http_host; + # proxy_set_header X-Real-IP $remote_addr; + # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + # proxy_set_header X-Forwarded-Proto $scheme; + # proxy_set_header X-NginX-Proxy true; + + # # This is necessary to pass the correct IP to be hashed + # real_ip_header X-Real-IP; + + # proxy_connect_timeout 300; + + # # To support websockets in MinIO versions released after January 2023 + # proxy_http_version 1.1; + # proxy_set_header Upgrade $http_upgrade; + # proxy_set_header Connection "upgrade"; + # # Some environments may encounter CORS errors (Kubernetes + Nginx Ingress) + # # Uncomment the following line to set the Origin request to an empty string + # proxy_set_header Origin ''; + + # chunked_transfer_encoding off; + + # proxy_pass http://MIH-Minio:9001; # This uses the upstream directive definition to load balance + # } + + # location ~ /.well-known/acme-challenge/ { + # root /var/www/certbot; + # } + # } } \ No newline at end of file