default

1. ##
2. # You should look at the following URL's in order to grasp a solid understanding
3. # of Nginx configuration files in order to fully unleash the power of Nginx.
4. # https://www.nginx.com/resources/wiki/start/
5. # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
6. # https://wiki.debian.org/Nginx/DirectoryStructure
7. #
8. # In most cases, administrators will remove this file from sites-enabled/ and
9. # leave it as reference inside of sites-available where it will continue to be
10. # updated by the nginx packaging team.
11. #
12. # This file will automatically load configuration files provided by other
13. # applications, such as Drupal or Wordpress. These applications will be made
14. # available underneath a path with that package name, such as /drupal8.
15. #
16. # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
17. server {
18.     listen 80; # указываем порт, по которому nginx будет слушать запросы
19.     location / {
20.         return 301 https://$host$request_uri;
21.     }
22.     location ^~ /.well-known/acme-challenge/ {
23.         # Set correct content type. According to this:
24.         # https://community.letsencrypt.org/t/using-the-webroot-domain-verification-method/1445/29
25.         # Current specification requires "text/plain" or no content header at all.
26.         # It seems that "text/plain" is a safe option.
27.         default_type "text/plain";
28.         # This directory must be the same as in /etc/letsencrypt/cli.ini
29.         # as "webroot-path" parameter. Also don't forget to set "authenticator" parameter
30.         # there to "webroot".
31.         # Do NOT use alias, use root! Target directory is located here:
32.         # /var/www/common/letsencrypt/.well-known/acme-challenge/
33.         root         /var/www/html;
34.     }
35. }
36. server {
37.     listen 443 ssl default_server;
38.     listen [::]:443 ssl default_server;
39.     ssl_certificate /etc/letsencrypt/live/partnership.dev.pik-digital.ru/fullchain.pem; # managed by Certbot
40.     ssl_certificate_key /etc/letsencrypt/live/partnership.dev.pik-digital.ru/privkey.pem; # managed by Certbot
41.     root /var/www/html;
42.     index index.html index.htm index.nginx-debian.html;
43.     server_name partnership.dev.pik-digital.ru;
44.     location /sockjs-node/ {
45.         proxy_pass http://localhost:4200; # указываем порт нашего приложения
46.         proxy_http_version 1.1;
47.         proxy_set_header Upgrade $http_upgrade;
48.         proxy_set_header Connection "upgrade";
49.         proxy_set_header Host $host;
50.     }
51.     location ^~ /api/v1.0/ {
52.         proxy_pass http://dotnet;
53.         proxy_set_header Host $host;
54.     }
55.     location ^~ /health/ {
56.         proxy_pass http://mobile;
57.         proxy_set_header Host $host;
58.     }
59.     location ^~ /.well-known/openid-configuration {
60.         proxy_pass http://auth;
61.         proxy_set_header Host $host;
62.     }
63.     location ^~ /news. {
64.         proxy_pass http://mobile;
65.         proxy_set_header Host $host;
66.     }
67.     location ^~ /project. {
68.         proxy_pass http://mobile;
69.         proxy_set_header Host $host;
70.     }
71.     location ^~ /auth. {
72.         proxy_pass http://auth;
73.         proxy_set_header Host $host;
74.     }
75.     location ^~ /selling. {
76.         proxy_pass http://mobile;
77.         proxy_set_header Host $host;
78.     }
79.     location ^~ /feed. {
80.         proxy_pass http://mobile;
81.         proxy_set_header Host $host;
82.     }
83.     location /mobile {
84.         rewrite /mobile(.*) /$1 break;
85.         add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
86.         proxy_pass http://auth;
87.         proxy_set_header Host $host;
88.         proxy_http_version 1.1;
89.         proxy_set_header Upgrade $http_upgrade;
90.         proxy_set_header Connection "upgrade";
91.     }
92.     location /smpp {
93.         rewrite /smpp(.*) /$1 break;
94.         add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
95.         proxy_pass http://smpp;
96.         proxy_set_header Host $host;
97.         proxy_http_version 1.1;
98.         proxy_set_header Upgrade $http_upgrade;
99.         proxy_set_header Connection "upgrade";
100.     }
101.     location /api-docs/mobile/ {
102.         rewrite /api-docs/mobile(.*) $1 break;
103.         proxy_pass http://mobile;
104.         proxy_set_header Host $host;  
105.     }
106.     location /api-docs/ {
107.         rewrite ^/api-docs(.*) $1 break;
108.         proxy_pass http://dotnet/swagger;
109.         proxy_set_header Host $host;
110.     }
111.     location / {
112.         add_header 'Access-Control-Allow-Origin' '*';
113.         add_header 'Access-Control-Allow-Credentials' 'true';
114.         add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
115.         add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
116.     proxy_pass http://localhost:4200;
117.         proxy_http_version 1.1;
118.         proxy_set_header Upgrade $http_upgrade;
119.         proxy_set_header Connection keep-alive;
120.         proxy_set_header Host $host;
121.         proxy_cache_bypass $http_upgrade;
122.     }
123. }
124. upstream dotnet {
125.     server localhost:5000;
126. }
127. upstream mobile {
128.     server localhost:5001;
129. }
130. upstream smpp {
131.     server localhost:3000;
132. }
133. upstream auth {
134.     server localhost:5004;
135. }