proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=STATIC:10m inactive=2h max_size=300m; server { listen 80; listen 443 ssl; http2 on; resolver 127.0.0.11 valid=5s ipv6=off; resolver_timeout 2s; server_name _; ssl_certificate /etc/nginx/ssl/cert.pem; ssl_certificate_key /etc/nginx/ssl/key.pem; # letsencrypt template # ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem; ssl_dhparam /etc/nginx/dhparam.pem; ssl_session_cache shared:SSL:10m; ssl_session_timeout 1d; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers off; gzip on; gzip_types text/plain text/css application/json application/javascript text/xml application/xml image/svg+xml; gzip_proxied any; gzip_comp_level 9; # configuration platform-gateway: location /proxy/ { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; set $gateway_upstream "gateway:9690"; proxy_pass http://$gateway_upstream; } # configuration platform-manager-static: location /proxy/manager/api/v1/static/ { proxy_buffering on; tcp_nodelay on; proxy_cache STATIC; proxy_cache_valid 200 1d; proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504; add_header X-Cache-Status $upstream_cache_status; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; set $frontend_upstream "frontend:80"; proxy_pass http://$frontend_upstream; } # configuration platform-frontend: location / { proxy_buffering on; tcp_nodelay on; proxy_cache STATIC; proxy_cache_valid 200 1d; proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504; add_header X-Cache-Status $upstream_cache_status; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; set $frontend_upstream "frontend:80"; proxy_pass http://$frontend_upstream; } # configuration platform-rabbitmq: location /rabbitmq { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; set $rabbitmq_upstream "rabbitmq:15672"; proxy_pass http://$rabbitmq_upstream; } # configuration logs ( dozzle ): # location /logs { # auth_basic "restricted content"; # auth_basic_user_file logs.passwd; # proxy_http_version 1.1; # proxy_set_header Upgrade $http_upgrade; # proxy_set_header Connection 'upgrade'; # proxy_set_header Host $host; # proxy_cache_bypass $http_upgrade; # proxy_set_header X-Real-IP $remote_addr; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # set $dozzle_upstream "dozzle:8080"; # proxy_pass http://$dozzle_upstream; # } # configuration manager-swagger: # location /swagger { # proxy_http_version 1.1; # proxy_set_header Upgrade $http_upgrade; # proxy_set_header Connection 'upgrade'; # proxy_set_header Host $host; # proxy_cache_bypass $http_upgrade; # proxy_set_header X-Real-IP $remote_addr; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # set $manager_upstream "manager:9600"; # proxy_pass http://$manager_upstream; # } }