Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
C
CONF
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
UvA
CONF
Commits
e19ba9ca
Commit
e19ba9ca
authored
May 09, 2020
by
Spiros Koulouzis
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
added configmap
parent
00a2a841
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
1 addition
and
102 deletions
+1
-102
.gitignore
.gitignore
+1
-0
nginx.conf
k8s/CONF/nginx.conf
+0
-102
No files found.
.gitignore
View file @
e19ba9ca
...
...
@@ -54,3 +54,4 @@
/manager/target/
/provisioner/nbproject/
/provisioner/target/
/k8s/CONF/nginx-configmap.yaml
k8s/CONF/nginx.conf
deleted
100644 → 0
View file @
00a2a841
worker_processes
auto
;
events
{
worker_connections
1024
;
use
epoll
;
multi_accept
on
;
}
http
{
tcp_nodelay
on
;
# this is necessary for us to be able to disable request buffering in all cases
proxy_http_version
1
.1
;
upstream
semaphore
{
server
semaphore
:
3000
;
}
# upstream sure-tosca {
# server sure-tosca:8081;
# }
server
{
listen
[::]:80
default_server
;
server_name
_
;
return
301
https://
$host$request_uri
;
}
server
{
auth_basic
"User's
Area"
;
auth_basic_user_file
/etc/nginx/htpasswd
;
listen
443
ssl
;
server_name
_
;
# add Strict-Transport-Security to prevent man in the middle attacks
add_header
Strict-Transport-Security
"max-age=31536000"
always
;
# SSL
ssl_certificate
/etc/nginx/cert/cert.pem
;
ssl_certificate_key
/etc/nginx/cert/privkey.pem
;
# Recommendations from https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
ssl_protocols
TLSv1.1
TLSv1.2
;
ssl_ciphers
'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'
;
ssl_prefer_server_ciphers
on
;
ssl_session_cache
shared:SSL:10m
;
# disable any limits to avoid HTTP 413 for large image uploads
client_max_body_size
0
;
# required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
chunked_transfer_encoding
on
;
location
/
{
proxy_pass
http://semaphore/
;
proxy_set_header
Host
$http_host
;
proxy_set_header
X-Real-IP
$remote_addr
;
proxy_set_header
X-Forwarded-For
$proxy_add_x_forwarded_for
;
proxy_set_header
X-Forwarded-Proto
$scheme
;
proxy_buffering
off
;
proxy_request_buffering
off
;
}
location
/api/ws
{
proxy_pass
http://semaphore/api/ws
;
proxy_http_version
1
.1
;
proxy_set_header
Upgrade
$http_upgrade
;
proxy_set_header
Connection
"upgrade"
;
proxy_set_header
Origin
""
;
}
location
/tosca-sure/1.0.0/
{
proxy_pass
http://sure-tosca:8081/tosca-sure/1.0.0/
;
proxy_set_header
Host
$http_host
;
proxy_set_header
X-Real-IP
$remote_addr
;
proxy_set_header
X-Forwarded-For
$proxy_add_x_forwarded_for
;
proxy_set_header
X-Forwarded-Proto
$scheme
;
proxy_buffering
off
;
proxy_request_buffering
off
;
}
location
/manager/
{
proxy_pass
http:///manager:8080/manager
;
proxy_set_header
Host
$http_host
;
proxy_set_header
X-Real-IP
$remote_addr
;
proxy_set_header
X-Forwarded-For
$proxy_add_x_forwarded_for
;
proxy_set_header
X-Forwarded-Proto
$scheme
;
proxy_buffering
off
;
proxy_request_buffering
off
;
}
}
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment