Untitled
unknown
plain_text
2 years ago
22 kB
2
Indexable
Never
server { listen 80 default_server; listen [::]:80 default_server; server_name langu.io www.langu.io; location /.well-known/acme-challenge/ { root /var/www/nginx; } return 301 https://$server_name$request_uri; } upstream websocket { server node:6020; } upstream frontend { server frontend:3000; } upstream libreoffice { server libreoffice:6040; } map $http_upgrade $connection_upgrade { default upgrade; '' close; } server { listen 443 http2 ssl; listen [::]:443 http2 ssl; client_max_body_size 24000M; server_name langu.io; ssl_certificate /etc/nginx/nginx-selfsigned.crt; ssl_certificate_key /etc/nginx/nginx-selfsigned.key; #ssl_certificate /etc/letsencrypt/live/langu.io/fullchain.pem; #ssl_certificate_key /etc/letsencrypt/live/langu.io/privkey.pem; ssl_session_cache shared:SSL:50m; ssl_session_timeout 5m; ssl_prefer_server_ciphers on; root /var/www/langu/public; index index.php index.html index.htm index.nginx-debian.html; location / { gzip on; gzip_static on; try_files $uri /app.php/$is_args$args; access_log off; } location /api/ { error_log /var/www/langu/l2api.error.log; rewrite ^ /api.php$is_args$args; } location /websocket { error_log /var/www/langu/l2-live.error.log; gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_pass http://websocket; proxy_cache_bypass $http_upgrade; } location /teacher-listing { gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_pass http://frontend/teacher-listing; proxy_cache_bypass $http_upgrade; } location /user/password/ { # auth_basic "L2 dev"; # auth_basic_user_file /etc/nginx/.htpasswd; gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_pass http://frontend/user/password/; proxy_cache_bypass $http_upgrade; } location /user/settings { #auth_basic "L2 dev"; #auth_basic_user_file /etc/nginx/.htpasswd; gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_pass http://frontend/user/settings; proxy_cache_bypass $http_upgrade; } location /sw.js { #auth_basic "L2 dev"; #auth_basic_user_file /etc/nginx/.htpasswd; gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_pass http://frontend; proxy_cache_bypass $http_upgrade; } location /checkout/p24-payin/ { #auth_basic "L2 dev"; #auth_basic_user_file /etc/nginx/.htpasswd; gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_pass http://frontend/checkout/p24-payin/; proxy_cache_bypass $http_upgrade; } location /teacher/ { #auth_basic "L2 dev"; #auth_basic_user_file /etc/nginx/.htpasswd; gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_pass http://frontend/teacher/; proxy_cache_bypass $http_upgrade; } location = /user/messages { # auth_basic "L2 dev"; # auth_basic_user_file /etc/nginx/.htpasswd; gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_pass http://frontend/user/messages; proxy_cache_bypass $http_upgrade; } location ~ /user/messages/([0-9]+)/view { # auth_basic "L2 dev"; # auth_basic_user_file /etc/nginx/.htpasswd; gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_pass http://frontend/user/messages/$1/view; proxy_cache_bypass $http_upgrade; } # location /user/profile/ { # auth_basic "L2 dev"; # auth_basic_user_file /etc/nginx/.htpasswd; # gzip off; # proxy_set_header Upgrade $http_upgrade; ## proxy_set_header Connection $connection_upgrade; # proxy_http_version 1.1; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # proxy_set_header Host $host; # proxy_pass http://frontend/user/profile/; # proxy_cache_bypass $http_upgrade; # } # location /api/proxy { # gzip off; # proxy_set_header Upgrade $http_upgrade; # proxy_set_header Connection $connection_upgrade; # proxy_http_version 1.1; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # proxy_set_header Host $host; # proxy_pass http://frontend/api/proxy; # proxy_cache_bypass $http_upgrade; # } # location /api2/proxy { # gzip off; # proxy_set_header Upgrade $http_upgrade; # proxy_set_header Connection $connection_upgrade; # proxy_http_version 1.1; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # proxy_set_header Host $host; # proxy_pass http://frontend/api2/proxy; # proxy_cache_bypass $http_upgrade; # } location = / { # auth_basic "L2 dev"; # auth_basic_user_file /etc/nginx/.htpasswd; gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_pass http://frontend; proxy_cache_bypass $http_upgrade; } location = /business { # auth_basic "L2 dev"; # auth_basic_user_file /etc/nginx/.htpasswd; gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_pass http://frontend/business; proxy_cache_bypass $http_upgrade; } location = /education { # auth_basic "L2 dev"; # auth_basic_user_file /etc/nginx/.htpasswd; gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_pass http://frontend/education; proxy_cache_bypass $http_upgrade; } location /_nuxt/ { gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_pass http://frontend/_nuxt/; proxy_cache_bypass $http_upgrade; } location ~ /lesson/([0-9]+)/classroom { #auth_basic "L2 dev"; #auth_basic_user_file /etc/nginx/.htpasswd; gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_pass http://frontend/lesson/$1/classroom; proxy_cache_bypass $http_upgrade; } location /user/register { gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host:4061; proxy_pass http://frontend/user/register; proxy_cache_bypass $http_upgrade; } location = /robots.txt { gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host:4061; proxy_pass http://frontend/robots.txt; proxy_cache_bypass $http_upgrade; } location = /sitemap.xml { gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host:4061; proxy_pass http://frontend/sitemap.xml; proxy_cache_bypass $http_upgrade; } location /user/lessons { gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_pass http://frontend/user/lessons; proxy_cache_bypass $http_upgrade; } location /user/unscheduled-lessons { gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_pass http://frontend/user/unscheduled-lessons; proxy_cache_bypass $http_upgrade; } location /user/past-lessons { gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_pass http://frontend/user/past-lessons; proxy_cache_bypass $http_upgrade; } location /api/convert { error_log /var/www/langu/l2-live.error.log; gzip off; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_http_version 1.1; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $host; proxy_pass http://libreoffice; proxy_cache_bypass $http_upgrade; } # Application can be run in debug mode by visiting langu.dev/app_debug.php/<other_route> # This location block should be omitted in production. location ~ ^/(app|config)\.php(/|$) { gzip off; # Uncomment these lines for staging / production modes. # auth_basic "L2 dev"; # auth_basic_user_file /etc/nginx/.htpasswd; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; fastcgi_pass php:9000; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_buffers 16 16k; fastcgi_buffer_size 32k; } # This location block should be omitted in production. location ~ ^/api\.php(/|$) { gzip off; # Uncomment these lines for staging / production modes. # auth_basic "L2 dev"; # auth_basic_user_file /etc/nginx/.htpasswd; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; fastcgi_pass php:9000; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_buffers 16 16k; fastcgi_buffer_size 32k; } location ~ ^/app\.php(/|$) { gzip off; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; fastcgi_pass php:9000; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_buffers 16 16k; fastcgi_buffer_size 32k; internal; } location ~ ^/api\.php(/|$) { gzip off; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; fastcgi_pass php:9000; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_buffers 16 16k; fastcgi_buffer_size 32k; internal; } location ~ \.php$ { return 404; } location ~ /\.ht { deny all; } error_log /var/log/nginx/l2_error.log; access_log /var/log/nginx/l2_access.log; } server { listen 443 http2 ssl; listen [::]:443 http2 ssl; client_max_body_size 24000M; server_name admin.langu.io ; ssl_certificate /etc/nginx/nginx-selfsigned.crt; ssl_certificate_key /etc/nginx/nginx-selfsigned.key; #ssl_certificate /etc/letsencrypt/live/admin.langu.io/fullchain.pem; #ssl_certificate_key /etc/letsencrypt/live/admin.langu.io/privkey.pem; ssl_session_cache shared:SSL:50m; ssl_session_timeout 5m; ssl_prefer_server_ciphers on; root /var/www/langu/public; index index.php index.html index.htm index.nginx-debian.html; location / { gzip on; gzip_static on; try_files $uri /admin.php/$is_args$args; access_log off; } # Application can be run in debug mode by visiting langu.dev/app_debug.php/<other_route> # This location block should be omitted in production. location ~ ^/(admin|config)\.php(/|$) { gzip off; # Uncomment these lines for staging / production modes. # auth_basic "L2 dev"; # auth_basic_user_file /etc/nginx/.htpasswd; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; fastcgi_pass php:9000; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_buffers 16 16k; fastcgi_buffer_size 32k; } location ~ \.php$ { return 404; } location ~ /\.ht { deny all; } error_log /var/log/nginx/l2admin_error.log; access_log /var/log/nginx/l2admin_access.log; } server { if ($host = api.langu.io) { return 301 https://$host$request_uri; } # managed by Certbot listen 80 ; listen [::]:80; server_name api.langu.io; return 301 https://$server_name$request_uri; } server { listen 443 http2 ssl; listen [::]:443 http2 ssl; client_max_body_size 24000M; server_name api.langu.io; #ssl_certificate /etc/letsencrypt/live/api.langu.io/fullchain.pem; # managed by Certbot #ssl_certificate_key /etc/letsencrypt/live/api.langu.io/privkey.pem; # managed by Certbot ssl_certificate /etc/nginx/nginx-selfsigned.crt; ssl_certificate_key /etc/nginx/nginx-selfsigned.key; ssl_session_cache shared:SSL:50m; ssl_session_timeout 5m; ssl_prefer_server_ciphers on; root /var/www/langu/public; index index.php index.html index.htm index.nginx-debian.html; location = / { return 404; } location /api/ { gzip on; gzip_static on; try_files $uri /api.php/$is_args$args; access_log off; } location ~ ^/(api|config)\.php(/|$) { gzip off; #auth_basic "L2 dev"; #auth_basic_user_file /etc/nginx/.htpasswd; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; fastcgi_pass php:9000; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_buffers 16 16k; fastcgi_buffer_size 32k; if ($http_origin ~* "^https?://(langu.io|pl.langu.io|es.langu.io|api.langu.io)$") { set $cors "CORS"; } if ($request_method != 'OPTIONS') { set $cors "${cors} NOT-OPTIONS"; } #if ($http_origin = ''){ # set $http_origin "*"; # } # if ($request_method ~* "(GET|POST)") { # add_header Access-Control-Allow-Origin "*"; # } if ($cors = "CORS") { add_header Access-Control-Allow-Origin "$http_origin"; #add_header Access-Control-Allow-Origin "*"; add_header Access-Control-Allow-Credentials "true"; add_header Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE"; add_header Access-Control-Allow-Headers "accept,cache-control,pragma,upgrade-insecure-requests, authorization, locale, cookie, content-type"; add_header Access-Control-Request-Headers "*"; return 200; } if ($cors = "CORS NOT-OPTIONS") { add_header Access-Control-Allow-Origin "$http_origin"; #add_header Access-Control-Allow-Origin "*"; add_header Access-Control-Allow-Credentials "true"; add_header Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE"; add_header Access-Control-Allow-Headers "accept,cache-control,pragma,upgrade-insecure-requests, authorization, locale, cookie, content-type"; add_header Access-Control-Request-Headers "*"; } # auth_basic "L2 dev"; # auth_basic_user_file /etc/nginx/.htpasswd; } # auth_basic "L2 dev"; # auth_basic_user_file /etc/nginx/.htpasswd; location ~ \.php$ { return 404; } location ~ /\.ht { deny all; } error_log /var/log/nginx/l2api_error.log; access_log /var/log/nginx/l2api_access.log; }