projects / arvados.git / blob


44f8469b0a19d47d0897e5a2255e2832c834537b
[arvados.git] / sdk / python / tests / nginx.conf
1 # Copyright (C) The Arvados Authors. All rights reserved.
2 #
3 # SPDX-License-Identifier: Apache-2.0
4
5 daemon off;
6 error_log "{{ERRORLOG}}" info;          # Yes, must be specified here _and_ cmdline
7 events {
8 }
9 http {
10   log_format customlog
11     '[$time_local] "$http_x_request_id" $server_name $status $body_bytes_sent $request_time $request_method "$scheme://$http_host$request_uri" $remote_addr:$remote_port '
12     '"$http_referer" "$http_user_agent"';
13   access_log "{{ACCESSLOG}}" customlog;
14   client_body_temp_path "{{TMPDIR}}/nginx";
15   proxy_temp_path "{{TMPDIR}}/nginx";
16   fastcgi_temp_path "{{TMPDIR}}/nginx";
17   uwsgi_temp_path "{{TMPDIR}}/nginx";
18   scgi_temp_path "{{TMPDIR}}/nginx";
19   upstream controller {
20     server {{LISTENHOST}}:{{CONTROLLERPORT}};
21   }
22   server {
23     listen {{LISTENHOST}}:{{CONTROLLERSSLPORT}} ssl;
24     server_name controller ~.*;
25     ssl_certificate "{{SSLCERT}}";
26     ssl_certificate_key "{{SSLKEY}}";
27     client_max_body_size 0;
28     location  / {
29       proxy_pass http://controller;
30       proxy_set_header Host $http_host;
31       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
32       proxy_set_header X-Forwarded-Proto https;
33       proxy_redirect off;
34     }
35   }
36   upstream arv-git-http {
37     server {{LISTENHOST}}:{{GITPORT}};
38   }
39   server {
40     listen {{LISTENHOST}}:{{GITSSLPORT}} ssl;
41     server_name arv-git-http git.*;
42     ssl_certificate "{{SSLCERT}}";
43     ssl_certificate_key "{{SSLKEY}}";
44     location  / {
45       proxy_pass http://arv-git-http;
46       proxy_set_header Host $http_host;
47       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
48       proxy_set_header X-Forwarded-Proto https;
49       proxy_redirect off;
50     }
51   }
52   upstream keepproxy {
53     server {{LISTENHOST}}:{{KEEPPROXYPORT}};
54   }
55   server {
56     listen {{LISTENHOST}}:{{KEEPPROXYSSLPORT}} ssl;
57     server_name keepproxy keep.*;
58     ssl_certificate "{{SSLCERT}}";
59     ssl_certificate_key "{{SSLKEY}}";
60     location  / {
61       proxy_pass http://keepproxy;
62       proxy_set_header Host $http_host;
63       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
64       proxy_set_header X-Forwarded-Proto https;
65       proxy_redirect off;
66
67       proxy_http_version 1.1;
68       proxy_request_buffering off;
69     }
70   }
71   upstream keep-web {
72     server {{LISTENHOST}}:{{KEEPWEBPORT}};
73   }
74   server {
75     listen {{LISTENHOST}}:{{KEEPWEBSSLPORT}} ssl;
76     server_name keep-web collections.* ~\.collections\.;
77     ssl_certificate "{{SSLCERT}}";
78     ssl_certificate_key "{{SSLKEY}}";
79     location  / {
80       proxy_pass http://keep-web;
81       proxy_set_header Host $http_host;
82       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
83       proxy_set_header X-Forwarded-Proto https;
84       proxy_redirect off;
85
86       client_max_body_size 0;
87       proxy_http_version 1.1;
88       proxy_request_buffering off;
89     }
90   }
91   upstream health {
92     server {{LISTENHOST}}:{{HEALTHPORT}};
93   }
94   server {
95     listen {{LISTENHOST}}:{{HEALTHSSLPORT}} ssl;
96     server_name health health.*;
97     ssl_certificate "{{SSLCERT}}";
98     ssl_certificate_key "{{SSLKEY}}";
99     location  / {
100       proxy_pass http://health;
101       proxy_set_header Host $http_host;
102       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
103       proxy_set_header X-Forwarded-Proto https;
104       proxy_redirect off;
105
106       proxy_http_version 1.1;
107       proxy_request_buffering off;
108     }
109   }
110   server {
111     listen {{LISTENHOST}}:{{KEEPWEBDLSSLPORT}} ssl;
112     server_name keep-web-dl download.* ~.*;
113     ssl_certificate "{{SSLCERT}}";
114     ssl_certificate_key "{{SSLKEY}}";
115     location  / {
116       proxy_pass http://keep-web;
117       proxy_set_header Host $http_host;
118       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
119       proxy_set_header X-Forwarded-Proto https;
120       proxy_redirect off;
121
122       client_max_body_size 0;
123       proxy_http_version 1.1;
124       proxy_request_buffering off;
125     }
126   }
127   upstream ws {
128     server {{LISTENHOST}}:{{WSPORT}};
129   }
130   server {
131     listen {{LISTENHOST}}:{{WSSSLPORT}} ssl;
132     server_name websocket ws.*;
133     ssl_certificate "{{SSLCERT}}";
134     ssl_certificate_key "{{SSLKEY}}";
135     location  / {
136       proxy_pass http://ws;
137       proxy_set_header Upgrade $http_upgrade;
138       proxy_set_header Connection "upgrade";
139       proxy_set_header Host $http_host;
140       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
141       proxy_set_header X-Forwarded-Proto https;
142       proxy_redirect off;
143     }
144   }
145   upstream workbench1 {
146     server {{LISTENHOST}}:{{WORKBENCH1PORT}};
147   }
148   server {
149     listen {{LISTENHOST}}:{{WORKBENCH1SSLPORT}} ssl;
150     server_name workbench1 workbench1.* workbench.*;
151     ssl_certificate "{{SSLCERT}}";
152     ssl_certificate_key "{{SSLKEY}}";
153     location  / {
154       proxy_pass http://workbench1;
155       proxy_set_header Host $http_host;
156       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
157       proxy_set_header X-Forwarded-Proto https;
158       proxy_redirect off;
159     }
160   }
161   server {
162     listen {{LISTENHOST}}:{{WORKBENCH2SSLPORT}} ssl;
163     server_name workbench2 workbench2.*;
164     ssl_certificate "{{SSLCERT}}";
165     ssl_certificate_key "{{SSLKEY}}";
166     location  / {
167       proxy_pass http://{{LISTENHOST}}:{{WORKBENCH2PORT}};
168       proxy_set_header Host $http_host;
169       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
170       proxy_set_header X-Forwarded-Proto https;
171       proxy_redirect off;
172     }
173   }
174 }