nginx proxy configs

This commit is contained in:
Martin McKeaveney 2022-01-14 14:44:40 +01:00
parent 93caf5bede
commit 3544c8ac82
4 changed files with 70 additions and 839 deletions

View File

@ -80,9 +80,9 @@ services:
proxy-service:
restart: always
image: envoyproxy/envoy:v1.16-latest
image: nginx:latest
volumes:
- ./envoy.yaml:/etc/envoy/envoy.yaml
- ./proxy/nginx.conf:/etc/envoy/envoy.yaml
ports:
- "${MAIN_PORT}:10000"
depends_on:

View File

@ -1,9 +1,8 @@
user nginx;
error_log /var/log/nginx/error.log warn;
error_log /var/log/nginx/error.log debug;
pid /var/run/nginx.pid;
worker_processes auto;
# worker_rlimit_nofile 33282;
# sendfile_max_chunk 512k;
worker_rlimit_nofile 33282;
events {
worker_connections 1024;
@ -25,32 +24,9 @@ http {
listen 10000 default_server;
server_name _;
# security headers
add_header X-Frame-Options SAMEORIGIN always;
# proxy headers
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# budibase services
# set $app_service http://{{ address }}:4001;
# set $worker_service http://{{ address }}:4002;
# set $builder http://{{ address }}:3000;
# set $minio http://minio-service:9000;
# set $couchdb http://couchdb-service:5984;
# config options
client_header_timeout 60;
client_body_timeout 60;
keepalive_timeout 60;
gzip off;
gzip_comp_level 4;
location = / {
return 301 /builder/;
absolute_redirect off;
return 301 /builder;
}
location /db/ {
@ -75,7 +51,7 @@ http {
location /app/ {
proxy_pass http://{{ address }}:4001;
rewrite ^/app/(.*)$ $1 break;
rewrite ^/app/(.*)$ /$1 break;
}
location /builder {
@ -85,10 +61,23 @@ http {
location /builder/ {
proxy_pass http://{{ address }}:3000;
proxy_http_version 1.1;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location / {
proxy_pass http://minio-service:9000;
}
client_header_timeout 60;
client_body_timeout 60;
keepalive_timeout 60;
gzip off;
gzip_comp_level 4;
}
}

View File

@ -1,87 +1,78 @@
user nginx;
worker_processes 5;
error_log logs/error.log;
pid logs/nginx.pid;
worker_rlimit_nofile 8192;
error_log /var/log/nginx/error.log debug;
pid /var/run/nginx.pid;
worker_processes auto;
worker_rlimit_nofile 33282;
events {
worker_connections 4096;
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
include /etc/nginx/proxy.conf;
# include /etc/nginx/fastcgi.conf;
# index index.html index.htm index.php;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] $status '
'"$request" $body_bytes_sent "$http_referer" '
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
map $http_upgrade $connection_upgrade {
default "upgrade";
}
server {
listen 10000 default_server;
listen [::]:10000 default_server;
server_name _;
access_log logs/budiproxy.access.log main;
# security headers
add_header X-Frame-Options SAMEORIGIN always;
upstream app-service {
server app-service:4002
}
upstream worker-service {
server worker-service:4003
location = / {
proxy_pass http://app-service:4002;
}
location = /v1/update {
proxy_pass http://watchtower-service:8080;
}
location /app/ {
proxy_pass http://app-service;
}
# location ^/(app_|builder) {
# proxy_pass http://app-service:4002;
# }
location /app_ {
proxy_pass http://app-service;
location /builder/ {
proxy_pass http://app-service:4002;
}
location /builder {
proxy_pass http://app-service;
proxy_pass http://app-service:4002;
}
location ~ ^/(global|admin|system)/ {
proxy_pass http://worker-service;
location /app_ {
proxy_pass http://app-service:4002;
}
location = / {
proxy_pass http://app-service;
location ~ ^/api/(system|admin|global)/ {
proxy_pass http://worker-service:4003;
}
location /api/ {
proxy_read_timeout 120s;
proxy_connect_timeout 120s;
proxy_send_timeout 120s;
proxy_pass http://app-service;
proxy_pass http://app-service:4002;
}
location /worker/ {
proxy_pass http://app-service;
proxy_pass http://worker-service:4003;
rewrite ^/worker/(.*)$ /$1 break;
}
location /db/ {
proxy_pass http://couchdb-service:5984;
rewrite ^/db/(.*)$ /$1 break;
}
location / {
proxy_pass http://minio-service:9000;
}
client_header_timeout 60;
client_body_timeout 60;
keepalive_timeout 60;
gzip off;
gzip_comp_level 4;
}
}

File diff suppressed because it is too large Load Diff