clean up nginx config
This commit is contained in:
@@ -6,20 +6,11 @@ server {
|
||||
# Dieser Server ist der Zugang zur "Nginx config und wird im 2. Openresty Server genutzt"
|
||||
server {
|
||||
listen 8080;
|
||||
|
||||
set $host theiaconf;
|
||||
set $port 3000;
|
||||
include ldap.conf;
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
set $theiaconf theiaconf;
|
||||
location / {
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header Proxy "";
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarde-Proto $scheme;
|
||||
proxy_buffering off;
|
||||
proxy_pass http://$theiaconf:3000;
|
||||
}
|
||||
include default_proxy.conf;
|
||||
}
|
||||
|
||||
|
||||
@@ -28,23 +19,4 @@ server {
|
||||
include auto_ssl.conf;
|
||||
include ldap.conf;
|
||||
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
set $theia theia;
|
||||
location /dev {
|
||||
rewrite_log on;
|
||||
rewrite /dev/(.*) /$1 break;
|
||||
rewrite ^/dev$ /dev/ permanent;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header Proxy "";
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarde-Proto $scheme;
|
||||
|
||||
|
||||
proxy_buffering off;
|
||||
proxy_pass http://$theia:3000;
|
||||
}
|
||||
|
||||
}
|
||||
@@ -15,15 +15,6 @@ services:
|
||||
image: docker.triton2.fet.at/dev_theia
|
||||
volumes:
|
||||
- nginxconf:/home/project
|
||||
devnginx:
|
||||
image: docker.triton2.fet.at/dev_nginx
|
||||
ports:
|
||||
- "8082:80"
|
||||
theia:
|
||||
image: docker.triton2.fet.at/dev_theia
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- data_dev:/home
|
||||
|
||||
volumes:
|
||||
data_dev:
|
||||
|
||||
@@ -114,6 +114,7 @@ ldap_server fet {
|
||||
url ldap://gagarin:389/ou=user,dc=fet,dc=htu,dc=tuwien,dc=ac,dc=at?uid?sub?(objectClass=person);
|
||||
require valid_user;
|
||||
}
|
||||
resolver 127.0.0.11 valid=30s;
|
||||
include /etc/nginx/conf.d/*.conf;
|
||||
|
||||
# Don't reveal OpenResty version to clients.
|
||||
|
||||
5
snippets/default_proxy.conf
Normal file
5
snippets/default_proxy.conf
Normal file
@@ -0,0 +1,5 @@
|
||||
location / {
|
||||
include proxy.conf;
|
||||
proxy_buffering off;
|
||||
proxy_pass http://$host:$port;
|
||||
}
|
||||
16
snippets/proxy.conf
Normal file
16
snippets/proxy.conf
Normal file
@@ -0,0 +1,16 @@
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header Proxy "";
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarde-Proto $scheme;
|
||||
proxy_set_header X_FORWARDED_SSL on;
|
||||
proxy_set_header HTTP_X_FORWARDED_SSL on;
|
||||
proxy_buffering off;
|
||||
|
||||
add_header Content-Security-Policy "default-src 'self' 'unsafe-inline'";
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header Referrer-Policy "strict-origin";
|
||||
add_header Strict-Transport-Security "max-age=31536000" always;
|
||||
Reference in New Issue
Block a user