forked from yaso_meth/mih-project
199 lines
5.8 KiB
Nginx Configuration File
199 lines
5.8 KiB
Nginx Configuration File
events {
|
|
worker_connections 1024;
|
|
}
|
|
|
|
|
|
http {
|
|
server_tokens off;
|
|
charset utf-8;
|
|
|
|
upstream minioUI {
|
|
least_conn;
|
|
server minio:9001;
|
|
}
|
|
|
|
upstream minioAPI {
|
|
least_conn;
|
|
server minio:9000;
|
|
}
|
|
|
|
# upstream fastAPI {
|
|
# least_conn;
|
|
# server api:8080;
|
|
# }
|
|
|
|
server {
|
|
listen 80;
|
|
|
|
server_name app.mzansi-innovation-hub.co.za;
|
|
|
|
# #Web App
|
|
# location / {
|
|
# proxy_pass http://MIH-UX:83/;
|
|
# }
|
|
|
|
# location ~ /.well-known/acme-challenge/ {
|
|
# root /var/www/certbot;
|
|
# }
|
|
|
|
return 301 https://app.mzansi-innovation-hub.co.za$request_uri;
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
http2 on;
|
|
# use the certificates
|
|
ssl_certificate /etc/letsencrypt/live/mzansi-innovation-hub.co.za-0002/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/mzansi-innovation-hub.co.za-0002/privkey.pem;
|
|
server_name app.mzansi-innovation-hub.co.za;
|
|
root /var/www/html;
|
|
index index.php index.html index.htm;
|
|
|
|
# To allow special characters in headers
|
|
ignore_invalid_headers off;
|
|
# Allow any size file to be uploaded.
|
|
# Set to a value such as 1000m; to restrict file size to a specific value
|
|
client_max_body_size 0;
|
|
# To disable buffering
|
|
proxy_buffering off;
|
|
proxy_request_buffering off;
|
|
|
|
# Web App
|
|
location / {
|
|
proxy_pass http://MIH-UX:83/;
|
|
}
|
|
|
|
location ~ /.well-known/acme-challenge/ {
|
|
root /var/www/certbot;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
|
|
server_name api.mzansi-innovation-hub.co.za;
|
|
|
|
# # #Web App
|
|
# location / {
|
|
# proxy_pass http://MIH-API-Hub:8080/;
|
|
# }
|
|
|
|
# location ~ /.well-known/acme-challenge/ {
|
|
# root /var/www/certbot;
|
|
# }
|
|
|
|
return 301 https://api.mzansi-innovation-hub.co.za$request_uri;
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
http2 on;
|
|
# use the certificates
|
|
ssl_certificate /etc/letsencrypt/live/mzansi-innovation-hub.co.za-0002/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/mzansi-innovation-hub.co.za-0002/privkey.pem;
|
|
server_name api.mzansi-innovation-hub.co.za;
|
|
root /var/www/html;
|
|
index index.php index.html index.htm;
|
|
|
|
# To allow special characters in headers
|
|
ignore_invalid_headers off;
|
|
# Allow any size file to be uploaded.
|
|
# Set to a value such as 1000m; to restrict file size to a specific value
|
|
client_max_body_size 0;
|
|
# To disable buffering
|
|
proxy_buffering off;
|
|
proxy_request_buffering off;
|
|
|
|
# Web Api
|
|
location / {
|
|
proxy_pass http://MIH-API-Hub:80/;
|
|
}
|
|
|
|
location ~ /.well-known/acme-challenge/ {
|
|
root /var/www/certbot;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
|
|
server_name minio.mzansi-innovation-hub.co.za;
|
|
|
|
# #Web App
|
|
# location / {
|
|
# proxy_pass https://minioAPI;
|
|
# }
|
|
|
|
# location ~ /.well-known/acme-challenge/ {
|
|
# root /var/www/certbot;
|
|
# }
|
|
|
|
return 301 https://minio.mzansi-innovation-hub.co.za$request_uri;
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
http2 on;
|
|
# use the certificates
|
|
ssl_certificate /etc/letsencrypt/live/mzansi-innovation-hub.co.za-0002/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/mzansi-innovation-hub.co.za-0002/privkey.pem;
|
|
server_name minio.mzansi-innovation-hub.co.za;
|
|
root /var/www/html;
|
|
index index.php index.html index.htm;
|
|
|
|
# To allow special characters in headers
|
|
ignore_invalid_headers off;
|
|
# Allow any size file to be uploaded.
|
|
# Set to a value such as 1000m; to restrict file size to a specific value
|
|
client_max_body_size 0;
|
|
# To disable buffering
|
|
proxy_buffering off;
|
|
proxy_request_buffering off;
|
|
|
|
|
|
location / {
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
|
|
proxy_connect_timeout 300;
|
|
# Default is HTTP/1, keepalive is only enabled in HTTP/1.1
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Connection "";
|
|
chunked_transfer_encoding off;
|
|
|
|
proxy_pass https://minioAPI; # This uses the upstream directive definition to load balance
|
|
}
|
|
|
|
location /minio/ui/ {
|
|
rewrite ^/minio/ui/(.*) /$1 break;
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-NginX-Proxy true;
|
|
|
|
# This is necessary to pass the correct IP to be hashed
|
|
real_ip_header X-Real-IP;
|
|
|
|
proxy_connect_timeout 300;
|
|
|
|
# To support websockets in MinIO versions released after January 2023
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "upgrade";
|
|
# Some environments may encounter CORS errors (Kubernetes + Nginx Ingress)
|
|
# Uncomment the following line to set the Origin request to an empty string
|
|
# proxy_set_header Origin '';
|
|
|
|
chunked_transfer_encoding off;
|
|
|
|
proxy_pass https://minioUI; # This uses the upstream directive definition to load balance
|
|
}
|
|
|
|
location ~ /.well-known/acme-challenge/ {
|
|
root /var/www/certbot;
|
|
}
|
|
}
|
|
} |