13497: Merge branch 'master' into 13497-controller
[arvados.git] / sdk / python / tests / nginx.conf
1 # Copyright (C) The Arvados Authors. All rights reserved.
2 #
3 # SPDX-License-Identifier: Apache-2.0
4
5 daemon off;
6 error_log "{{ERRORLOG}}" info;          # Yes, must be specified here _and_ cmdline
7 events {
8 }
9 http {
10   access_log "{{ACCESSLOG}}" combined;
11   client_body_temp_path "{{TMPDIR}}";
12   upstream arv-git-http {
13     server localhost:{{GITPORT}};
14   }
15   server {
16     listen *:{{GITSSLPORT}} ssl default_server;
17     server_name _;
18     ssl_certificate "{{SSLCERT}}";
19     ssl_certificate_key "{{SSLKEY}}";
20     location  / {
21       proxy_pass http://arv-git-http;
22     }
23   }
24   upstream keepproxy {
25     server localhost:{{KEEPPROXYPORT}};
26   }
27   server {
28     listen *:{{KEEPPROXYSSLPORT}} ssl default_server;
29     server_name _;
30     ssl_certificate "{{SSLCERT}}";
31     ssl_certificate_key "{{SSLKEY}}";
32     location  / {
33       proxy_pass http://keepproxy;
34     }
35   }
36   upstream keep-web {
37     server localhost:{{KEEPWEBPORT}};
38   }
39   server {
40     listen *:{{KEEPWEBSSLPORT}} ssl default_server;
41     server_name ~^(?<request_host>.*)$;
42     ssl_certificate "{{SSLCERT}}";
43     ssl_certificate_key "{{SSLKEY}}";
44     location  / {
45       proxy_pass http://keep-web;
46       proxy_set_header Host $request_host:{{KEEPWEBPORT}};
47       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
48     }
49   }
50   server {
51     listen *:{{KEEPWEBDLSSLPORT}} ssl default_server;
52     server_name ~.*;
53     ssl_certificate "{{SSLCERT}}";
54     ssl_certificate_key "{{SSLKEY}}";
55     location  / {
56       proxy_pass http://keep-web;
57       proxy_set_header Host download:{{KEEPWEBPORT}};
58       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
59       proxy_redirect //download:{{KEEPWEBPORT}}/ https://$host:{{KEEPWEBDLSSLPORT}}/;
60     }
61   }
62   upstream ws {
63     server localhost:{{WSPORT}};
64   }
65   server {
66     listen *:{{WSSPORT}} ssl default_server;
67     server_name ~^(?<request_host>.*)$;
68     ssl_certificate "{{SSLCERT}}";
69     ssl_certificate_key "{{SSLKEY}}";
70     location  / {
71       proxy_pass http://ws;
72       proxy_set_header Upgrade $http_upgrade;
73       proxy_set_header Connection "upgrade";
74       proxy_set_header Host $request_host:{{WSPORT}};
75       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
76     }
77   }
78   upstream controller {
79     server localhost:{{CONTROLLERPORT}};
80   }
81   server {
82     listen *:{{CONTROLLERSSLPORT}} ssl default_server;
83     server_name _;
84     ssl_certificate "{{SSLCERT}}";
85     ssl_certificate_key "{{SSLKEY}}";
86     location  / {
87       proxy_pass http://controller;
88       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
89     }
90   }
91 }