added configmap

e19ba9ca · Spiros Koulouzis · 00a2a841 · e19ba9ca · 00a2a841
Commit e19ba9ca authored 4 years ago by Spiros Koulouzis
Show whitespace changes
Inline Side-by-side

Showing with 1 addition and 102 deletions

.gitignore .gitignore +1 -0

nginx.conf k8s/CONF/nginx.conf +0 -102

No files found.
--- a/.gitignore
+++ b/.gitignore
@@ -54,3 +54,4 @@
 /manager/target/
 /provisioner/nbproject/
 /provisioner/target/
+/k8s/CONF/nginx-configmap.yaml
--- a/k8s/CONF/nginx.conf
+++ b/k8s/CONF/nginx.conf
-worker_processes auto;
-events {
-  worker_connections 1024;
-  use epoll;
-  multi_accept on;
-}
-http {
-  tcp_nodelay on;
-  # this is necessary for us to be able to disable request buffering in all cases
-  proxy_http_version 1.1;
-  upstream semaphore {
-    server semaphore:3000;
-  }
-#  upstream sure-tosca {
-#    server sure-tosca:8081;
-#  }  
-  server {
-  	listen [::]:80 default_server;
-  	server_name _;
-  	return 301 https://$host$request_uri;
-  }
-  server {
-    auth_basic           "User's Area";
-    auth_basic_user_file /etc/nginx/htpasswd;
-    listen 443 ssl;
-    server_name  _;
-    # add Strict-Transport-Security to prevent man in the middle attacks
-    add_header Strict-Transport-Security "max-age=31536000" always;
-    # SSL
-    ssl_certificate /etc/nginx/cert/cert.pem;
-    ssl_certificate_key /etc/nginx/cert/privkey.pem;
-    # Recommendations from https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
-    ssl_protocols TLSv1.1 TLSv1.2;
-    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
-    ssl_prefer_server_ciphers on;
-    ssl_session_cache shared:SSL:10m;
-    # disable any limits to avoid HTTP 413 for large image uploads
-    client_max_body_size 0;
-    # required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486)
-    chunked_transfer_encoding on;
-    location / {
-      proxy_pass http://semaphore/;
-      proxy_set_header Host $http_host;
-      proxy_set_header X-Real-IP $remote_addr;
-      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-      proxy_set_header X-Forwarded-Proto $scheme;
-      proxy_buffering off;
-      proxy_request_buffering off;
-    }
-    location /api/ws {
-      proxy_pass http://semaphore/api/ws;
-      proxy_http_version 1.1;
-      proxy_set_header Upgrade $http_upgrade;
-      proxy_set_header Connection "upgrade";
-      proxy_set_header Origin "";
-    }
-    location /tosca-sure/1.0.0/ {
-      proxy_pass http://sure-tosca:8081/tosca-sure/1.0.0/;
-      proxy_set_header Host $http_host;
-      proxy_set_header X-Real-IP $remote_addr;
-      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-      proxy_set_header X-Forwarded-Proto $scheme;
-      proxy_buffering off;
-      proxy_request_buffering off;
-    }    
-    location /manager/ {
-      proxy_pass http:///manager:8080/manager;
-      proxy_set_header Host $http_host;
-      proxy_set_header X-Real-IP $remote_addr;
-      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-      proxy_set_header X-Forwarded-Proto $scheme;
-      proxy_buffering off;
-      proxy_request_buffering off;
-    }      
-  }
-}