update gitignore

2022-02-16 14:16:06 +01:00 · 2022-02-16 14:16:06 +01:00 · 387e5035d1
parent a85f667dbe
commit 387e5035d1
2 changed files with 1 additions and 136 deletions
--- a/.gitignore
+++ b/.gitignore
@ -65,7 +65,7 @@ typings/
 .env
 !hosting/.env
 hosting/.generated-nginx.dev.conf
-hosting/.generated-nginx.prod.conf
+hosting/proxy/.generated-nginx.prod.conf

 # parcel-bundler cache (https://parceljs.org/)
 .cache
--- a/hosting/proxy/.generated-nginx.prod.conf
+++ b/hosting/proxy/.generated-nginx.prod.conf
@ -1,135 +0,0 @@
-user                    nginx;
-error_log               /var/log/nginx/error.log debug;
-pid                     /var/run/nginx.pid;
-worker_processes        auto;
-worker_rlimit_nofile    33282;
-
-events {
-  worker_connections  1024;
-}
-
-http {
-  limit_req_zone $binary_remote_addr zone=ratelimit:10m rate=20r/s;
-  include       /etc/nginx/mime.types;
-  default_type  application/octet-stream;
-  charset utf-8;
-  sendfile on;
-  tcp_nopush on;
-  tcp_nodelay on;
-  server_tokens off;
-  types_hash_max_size 2048;
-
-
-  # buffering
-  client_body_buffer_size 1K;
-  client_header_buffer_size 1k;
-  client_max_body_size 10M;
-  ignore_invalid_headers off;
-  proxy_buffering off;
-
-  log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
-                    '$status $body_bytes_sent "$http_referer" '
-                    '"$http_user_agent" "$http_x_forwarded_for"';
-  
-  map $http_upgrade $connection_upgrade {
-    default     "upgrade";
-  }
-
-  server {
-    listen       10000 default_server;
-    listen  [::]:10000 default_server;
-    server_name  _;
-    client_max_body_size 1000m;
-    ignore_invalid_headers off;
-    proxy_buffering off;
-    # port_in_redirect off;
-
-    # Security Headers
-    add_header X-Frame-Options SAMEORIGIN always;
-    add_header X-Content-Type-Options nosniff always;
-    add_header X-XSS-Protection "1; mode=block" always;
-    add_header Content-Security-Policy  "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.budi.live https://js.intercomcdn.com https://widget.intercom.io; style-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://fonts.googleapis.com https://rsms.me; object-src 'none'; base-uri 'self'; connect-src 'self' https://api-iam.intercom.io https://app.posthog.com wss://nexus-websocket-a.intercom.io; font-src 'self' data https://cdn.jsdelivr.net https://fonts.gstatic.com https://rsms.me; frame-src 'self'; img-src http: https: data; manifest-src 'self'; media-src 'self'; worker-src 'none';" always;
-
-    # upstreams
-    set $apps app-service.budibase.svc.cluster.local;
-    set $worker worker-service.budibase.svc.cluster.local;
-    set $minio minio-service.budibase.svc.cluster.local;
-    set $couchdb budibase-preprod-svc-couchdb;
-
-    location /app {
-      proxy_pass      http://$apps:4002;
-      rewrite ^/app/(.*)$ /$1 break;
-    }
-
-    location = / {
-      proxy_pass      http://$apps:4002;
-    }
-
-    location ~ ^/(builder|app_) {
-      proxy_http_version  1.1;
-      proxy_set_header    Connection          $connection_upgrade;
-      proxy_set_header    Upgrade             $http_upgrade;
-      proxy_set_header    Host                $host;
-      proxy_set_header    X-Real-IP           $remote_addr;
-      proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
-      proxy_pass      http://$apps:4002;
-    }
-
-    location ~ ^/api/(system|admin|global)/ {
-      proxy_pass      http://$worker:4003;
-    }
-
-    location /worker/ {
-      proxy_pass      http://$worker:4003;
-      rewrite ^/worker/(.*)$ /$1 break;
-    }
-
-    location /api/ {
-      # calls to the API are rate limited with bursting
-      limit_req zone=ratelimit burst=20 nodelay;
-
-      # 120s timeout on API requests
-      proxy_read_timeout 120s;
-      proxy_connect_timeout 120s;
-      proxy_send_timeout 120s;
-
-      proxy_http_version  1.1;
-      proxy_set_header    Connection          $connection_upgrade;
-      proxy_set_header    Upgrade             $http_upgrade;
-      proxy_set_header    Host                $host;
-      proxy_set_header    X-Real-IP           $remote_addr;
-      proxy_set_header    X-Forwarded-For     $proxy_add_x_forwarded_for;
-
-      proxy_pass      http://$apps:4002;
-    }
-
-    location /db/ {
-      proxy_pass      http://$couchdb:5984;
-      rewrite ^/db/(.*)$ /$1 break;
-    }
-
-    location / {
-      proxy_set_header X-Real-IP $remote_addr;
-      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-      proxy_set_header X-Forwarded-Proto $scheme;
-      proxy_set_header Host $http_host;
-
-      proxy_connect_timeout 300;
-      proxy_http_version 1.1;
-      proxy_set_header Connection "";
-      chunked_transfer_encoding off;
-      proxy_pass      http://$minio:9000;
-    }
-
-    client_header_timeout 60;
-    client_body_timeout   60;
-    keepalive_timeout     60;
-
-    # gzip
-    gzip on;
-    gzip_vary on;
-    gzip_proxied any;
-    gzip_comp_level 6;
-    gzip_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml;
-  }
-}