yaso_meth/mih-project
2
4
Fork 2
Code Issues 8 Pull Requests Actions Packages Projects Releases 1 Wiki Activity

add minio and subdomain of nginx

Browse Source
This commit is contained in:
yaso-meth
2024-07-24 15:32:19 +02:00
parent f57dcd2b51
commit d3f529654b
3 changed files with 71 additions and 194 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docker-compose.yml
View File

@@ -110,7 +110,7 @@ services:
- certbotConf:/etc/letsencrypt - certbotConf:/etc/letsencrypt
- certbotChall:/var/www/certbot - certbotChall:/var/www/certbot
#command: certonly --test-cert --webroot -w /var/www/certbot --force-renewal --email yasienmeth@gmail.com -d mzansi-innovation-hub.co.za -d www.mzansi-innovation-hub.co.za --agree-tos #command: certonly --test-cert --webroot -w /var/www/certbot --force-renewal --email yasienmeth@gmail.com -d mzansi-innovation-hub.co.za -d www.mzansi-innovation-hub.co.za --agree-tos
command: certonly --webroot -w /var/www/certbot --force-renewal --email yasienmeth@gmail.com -d mzansi-innovation-hub.co.za -d app.mzansi-innovation-hub.co.za -d api.mzansi-innovation-hub.co.za --agree-tos command: certonly --webroot -w /var/www/certbot --force-renewal --email yasienmeth@gmail.com -d mzansi-innovation-hub.co.za -d app.mzansi-innovation-hub.co.za -d api.mzansi-innovation-hub.co.za -d minio.mzansi-innovation-hub.co.za --agree-tos
networks: networks:
- MIH-network - MIH-network
depends_on: depends_on:

144
nginx/nginx copy
View File

@@ -1,144 +0,0 @@
events {
worker_connections 1024;
}
http {
server_tokens off;
charset utf-8;
upstream minioUI {
least_conn;
server minio:9001;
}
upstream minioAPI {
least_conn;
server minio:9000;
}
# always redirect to https
server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
http2 on;
# use the certificates
ssl_certificate /etc/letsencrypt/live/mzansi-innovation-hub.co.za/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mzansi-innovation-hub.co.za/privkey.pem;
server_name mzansi-innovation-hub.co.za;
root /var/www/html;
index index.php index.html index.htm;
# To allow special characters in headers
ignore_invalid_headers off;
# Allow any size file to be uploaded.
# Set to a value such as 1000m; to restrict file size to a specific value
client_max_body_size 0;
# To disable buffering
proxy_buffering off;
proxy_request_buffering off;
# Web App
location / {
proxy_pass http://MIH-UX:83/;
}
# API Hub
location /api/ {
proxy_pass http://MIH-API-Hub:8080/;
}
# phpadmin Dashboard
location /phpmyadmin/ {
proxy_pass http://MIH-phpmyadmin:8081;
}
# SuperTokens Dashboard
location /supertokens/ {
proxy_pass http://MIH-API-Hub:8080/auth/dashboard/;
}
#Minio storage
location /files/ui/ {
rewrite ^/minio/ui/(.*) /$1 break;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-NginX-Proxy true;
# This is necessary to pass the correct IP to be hashed
real_ip_header X-Real-IP;
proxy_connect_timeout 300;
# To support websockets in MinIO versions released after January 2023
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Some environments may encounter CORS errors (Kubernetes + Nginx Ingress)
# Uncomment the following line to set the Origin request to an empty string
# proxy_set_header Origin '';
chunked_transfer_encoding off;
proxy_pass http://minioUI/;
}
#Minio storage API
location /files/ {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_connect_timeout 300;
# Default is HTTP/1, keepalive is only enabled in HTTP/1.1
proxy_http_version 1.1;
proxy_set_header Connection "";
chunked_transfer_encoding off;
proxy_pass http://minioAPI/;
}
# location /phpmyadmin/ {
# proxy_pass http://192.168.1.69:8081/;
# }
location ~ /.well-known/acme-challenge/ {
root /var/www/certbot;
}
}
}
# events {
# worker_connections 1024;
# }
# http {
# server_tokens off;
# charset utf-8;
# # always redirect to https
# server {
# listen 80 default_server;
# server_name mzansi-innovation-hub.co.za www.mzansi-innovation-hub.co.za;
# location / {
# proxy_pass http://MIH-UX:83/;
# }
# location ~ /.well-known/acme-challenge/ {
# root /var/www/certbot;
# }
# # return 301 https://$host$request_uri;
# }
# }

119
nginx/nginx.conf
View File

@@ -113,66 +113,87 @@ http {
root /var/www/certbot; root /var/www/certbot;
} }
} }
}
# # API Hub server {
# location /api/ { listen 80;
server_name minio.mzansi-innovation-hub.co.za;
# #Web App
# location / {
# proxy_pass http://MIH-API-Hub:8080/; # proxy_pass http://MIH-API-Hub:8080/;
# } # }
# # phpadmin Dashboard # location ~ /.well-known/acme-challenge/ {
# location /phpmyadmin/ { # root /var/www/certbot;
# proxy_pass http://MIH-phpmyadmin:8081; # }
# }
return 301 https://minio.mzansi-innovation-hub.co.za$request_uri;
}
server {
listen 443 ssl;
http2 on;
# use the certificates
ssl_certificate /etc/letsencrypt/live/mzansi-innovation-hub.co.za-0002/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mzansi-innovation-hub.co.za-0002/privkey.pem;
server_name minio.mzansi-innovation-hub.co.za;
root /var/www/html;
index index.php index.html index.htm;
# To allow special characters in headers
ignore_invalid_headers off;
# Allow any size file to be uploaded.
# Set to a value such as 1000m; to restrict file size to a specific value
client_max_body_size 0;
# To disable buffering
proxy_buffering off;
proxy_request_buffering off;
# # SuperTokens Dashboard location / {
# location /supertokens/ { proxy_set_header Host $http_host;
# proxy_pass http://MIH-API-Hub:8080/auth/dashboard/; proxy_set_header X-Real-IP $remote_addr;
# } proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# #Minio storage proxy_connect_timeout 300;
# location /files/ui/ { # Default is HTTP/1, keepalive is only enabled in HTTP/1.1
# rewrite ^/minio/ui/(.*) /$1 break; proxy_http_version 1.1;
# proxy_set_header Host $http_host; proxy_set_header Connection "";
# proxy_set_header X-Real-IP $remote_addr; chunked_transfer_encoding off;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_set_header X-NginX-Proxy true;
# # This is necessary to pass the correct IP to be hashed proxy_pass https://minioAPI; # This uses the upstream directive definition to load balance
# real_ip_header X-Real-IP; }
# proxy_connect_timeout 300; location /minio/ui/ {
rewrite ^/minio/ui/(.*) /$1 break;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-NginX-Proxy true;
# # To support websockets in MinIO versions released after January 2023 # This is necessary to pass the correct IP to be hashed
# proxy_http_version 1.1; real_ip_header X-Real-IP;
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection "upgrade";
# # Some environments may encounter CORS errors (Kubernetes + Nginx Ingress)
# # Uncomment the following line to set the Origin request to an empty string
# # proxy_set_header Origin '';
# chunked_transfer_encoding off; proxy_connect_timeout 300;
# proxy_pass http://minioUI/; # To support websockets in MinIO versions released after January 2023
# } proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Some environments may encounter CORS errors (Kubernetes + Nginx Ingress)
# Uncomment the following line to set the Origin request to an empty string
# proxy_set_header Origin '';
# #Minio storage API chunked_transfer_encoding off;
# location /files/ {
# proxy_set_header Host $http_host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_connect_timeout 300; proxy_pass https://minioUI; # This uses the upstream directive definition to load balance
# # Default is HTTP/1, keepalive is only enabled in HTTP/1.1 }
# proxy_http_version 1.1;
# proxy_set_header Connection "";
# chunked_transfer_encoding off;
# proxy_pass http://minioAPI/; location ~ /.well-known/acme-challenge/ {
# } root /var/www/certbot;
}
# location /phpmyadmin/ { }
# proxy_pass http://192.168.1.69:8081/; }
# }