Untitled

mail@pastecode.io avatar
unknown
plain_text
a year ago
22 kB
2
Indexable
Never
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name langu.io www.langu.io;

location /.well-known/acme-challenge/ {
        root /var/www/nginx;
    }

    return 301 https://$server_name$request_uri;
}

upstream websocket {
        server node:6020;
}

upstream frontend {
        server frontend:3000;
}

upstream libreoffice {
        server libreoffice:6040;
}

map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

server {
        listen 443 http2 ssl;
        listen [::]:443 http2 ssl;
        client_max_body_size 24000M;

        server_name langu.io;

        ssl_certificate /etc/nginx/nginx-selfsigned.crt;
        ssl_certificate_key /etc/nginx/nginx-selfsigned.key;
        #ssl_certificate /etc/letsencrypt/live/langu.io/fullchain.pem;
        #ssl_certificate_key /etc/letsencrypt/live/langu.io/privkey.pem;
        ssl_session_cache shared:SSL:50m;
        ssl_session_timeout 5m;
        ssl_prefer_server_ciphers on;

        root /var/www/langu/public;

        index index.php index.html index.htm index.nginx-debian.html;

        location / {
                gzip on;
                gzip_static on;
                try_files $uri /app.php/$is_args$args;
                access_log  off;
        }

        location /api/ {
                error_log /var/www/langu/l2api.error.log;
                rewrite ^ /api.php$is_args$args;
        }

        location /websocket {
                error_log /var/www/langu/l2-live.error.log;

                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_pass http://websocket;
                proxy_cache_bypass $http_upgrade;
        }

        location /teacher-listing {
                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_pass http://frontend/teacher-listing;
                proxy_cache_bypass $http_upgrade;
        }


        location /user/password/ {
          #      auth_basic "L2 dev";
          #      auth_basic_user_file /etc/nginx/.htpasswd;
                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_pass http://frontend/user/password/;
                proxy_cache_bypass $http_upgrade;
        }


        location /user/settings {
                #auth_basic "L2 dev";
                #auth_basic_user_file /etc/nginx/.htpasswd;
                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_pass http://frontend/user/settings;
                proxy_cache_bypass $http_upgrade;
        }

        location /sw.js {
                #auth_basic "L2 dev";
                #auth_basic_user_file /etc/nginx/.htpasswd;
                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_pass http://frontend;
                proxy_cache_bypass $http_upgrade;
        }

        location /checkout/p24-payin/ {
                #auth_basic "L2 dev";
                #auth_basic_user_file /etc/nginx/.htpasswd;
                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_pass http://frontend/checkout/p24-payin/;
                proxy_cache_bypass $http_upgrade;
        }

        location /teacher/ {
                #auth_basic "L2 dev";
                #auth_basic_user_file /etc/nginx/.htpasswd;
                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_pass http://frontend/teacher/;
                proxy_cache_bypass $http_upgrade;
        }

        location = /user/messages {
#                auth_basic "L2 dev";
#                auth_basic_user_file /etc/nginx/.htpasswd;
                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_pass http://frontend/user/messages;
                proxy_cache_bypass $http_upgrade;
        }

        location ~ /user/messages/([0-9]+)/view {
#                auth_basic "L2 dev";
#                auth_basic_user_file /etc/nginx/.htpasswd;
                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_pass http://frontend/user/messages/$1/view;
                proxy_cache_bypass $http_upgrade;
        }


#        location /user/profile/ {
         #       auth_basic "L2 dev";
         #       auth_basic_user_file /etc/nginx/.htpasswd;
#                gzip off;
#                proxy_set_header Upgrade $http_upgrade;
##                proxy_set_header Connection $connection_upgrade;
#                proxy_http_version 1.1;
#                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#                proxy_set_header Host $host;
#                proxy_pass http://frontend/user/profile/;
#                proxy_cache_bypass $http_upgrade;
#        }
#        location /api/proxy {
#                gzip off;
#                proxy_set_header Upgrade $http_upgrade;
#                proxy_set_header Connection $connection_upgrade;
#                proxy_http_version 1.1;
#                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#                proxy_set_header Host $host;
#                proxy_pass http://frontend/api/proxy;
#                proxy_cache_bypass $http_upgrade;
#        }


#        location /api2/proxy {
#                gzip off;
#                proxy_set_header Upgrade $http_upgrade;
#                proxy_set_header Connection $connection_upgrade;
#                proxy_http_version 1.1;
#                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#                proxy_set_header Host $host;
#                proxy_pass http://frontend/api2/proxy;
#                proxy_cache_bypass $http_upgrade;
#        }


        location  = / {
        #        auth_basic "L2 dev";
        #        auth_basic_user_file /etc/nginx/.htpasswd;
                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_pass http://frontend;
                proxy_cache_bypass $http_upgrade;
      }

        location  = /business {
        #        auth_basic "L2 dev";
        #        auth_basic_user_file /etc/nginx/.htpasswd;
                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_pass http://frontend/business;
                proxy_cache_bypass $http_upgrade;
      }

        location  = /education {
        #        auth_basic "L2 dev";
        #        auth_basic_user_file /etc/nginx/.htpasswd;
                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_pass http://frontend/education;
                proxy_cache_bypass $http_upgrade;
      }


        location /_nuxt/ {
                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_pass http://frontend/_nuxt/;
                proxy_cache_bypass $http_upgrade;
        }

        location ~ /lesson/([0-9]+)/classroom {
                #auth_basic "L2 dev";
                #auth_basic_user_file /etc/nginx/.htpasswd;
                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_pass http://frontend/lesson/$1/classroom;
                proxy_cache_bypass $http_upgrade;
        }


        location /user/register {
                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host:4061;
                proxy_pass http://frontend/user/register;
                proxy_cache_bypass $http_upgrade;
        }

        location = /robots.txt {
                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host:4061;
                proxy_pass http://frontend/robots.txt;
                proxy_cache_bypass $http_upgrade;
        }

        location = /sitemap.xml {
                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host:4061;
                proxy_pass http://frontend/sitemap.xml;
                proxy_cache_bypass $http_upgrade;
        }

        location /user/lessons {
                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_pass http://frontend/user/lessons;
                proxy_cache_bypass $http_upgrade;
        }

        location /user/unscheduled-lessons {
                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_pass http://frontend/user/unscheduled-lessons;
                proxy_cache_bypass $http_upgrade;
        }

        location /user/past-lessons {
                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_pass http://frontend/user/past-lessons;
                proxy_cache_bypass $http_upgrade;
        }

        location /api/convert {
                error_log /var/www/langu/l2-live.error.log;

                gzip off;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection $connection_upgrade;
                proxy_http_version 1.1;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_pass http://libreoffice;
                proxy_cache_bypass $http_upgrade;
        }


        # Application can be run in debug mode by visiting langu.dev/app_debug.php/<other_route>
        # This location block should be omitted in production.
        location ~ ^/(app|config)\.php(/|$) {
                gzip off;

                # Uncomment these lines for staging / production modes.
                # auth_basic "L2 dev";
                # auth_basic_user_file /etc/nginx/.htpasswd;

                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;
                fastcgi_pass php:9000;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_buffers 16 16k;
                fastcgi_buffer_size 32k;
    }

    # This location block should be omitted in production.
     location ~ ^/api\.php(/|$) {
                gzip off;

                # Uncomment these lines for staging / production modes.
                # auth_basic "L2 dev";
                # auth_basic_user_file /etc/nginx/.htpasswd;

                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;
                fastcgi_pass php:9000;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_buffers 16 16k;
                fastcgi_buffer_size 32k;
    }

    location ~ ^/app\.php(/|$) {
        gzip off;

        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
        fastcgi_pass php:9000;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;

        internal;
    }

     location ~ ^/api\.php(/|$) {
        gzip off;

        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
        fastcgi_pass php:9000;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;

        internal;
    }

    location ~ \.php$ {
      return 404;
    }

    location ~ /\.ht {
            deny all;
    }

    error_log /var/log/nginx/l2_error.log;
    access_log /var/log/nginx/l2_access.log;
}

server {
        listen 443 http2 ssl;
        listen [::]:443 http2 ssl;
        client_max_body_size 24000M;

        server_name admin.langu.io ;

        ssl_certificate /etc/nginx/nginx-selfsigned.crt;
        ssl_certificate_key /etc/nginx/nginx-selfsigned.key;
        #ssl_certificate /etc/letsencrypt/live/admin.langu.io/fullchain.pem;
        #ssl_certificate_key /etc/letsencrypt/live/admin.langu.io/privkey.pem;
        ssl_session_cache shared:SSL:50m;
        ssl_session_timeout 5m;
        ssl_prefer_server_ciphers on;

        root /var/www/langu/public;

        index index.php index.html index.htm index.nginx-debian.html;

        location / {
                gzip on;
                gzip_static on;
                try_files $uri /admin.php/$is_args$args;
                access_log  off;
        }


 # Application can be run in debug mode by visiting langu.dev/app_debug.php/<other_route>
        # This location block should be omitted in production.
        location ~ ^/(admin|config)\.php(/|$) {
                gzip off;

                # Uncomment these lines for staging / production modes.
                # auth_basic "L2 dev";
                # auth_basic_user_file /etc/nginx/.htpasswd;

                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;
                fastcgi_pass php:9000;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_buffers 16 16k;
                fastcgi_buffer_size 32k;
    }

    location ~ \.php$ {
      return 404;
    }

    location ~ /\.ht {
            deny all;
    }

    error_log /var/log/nginx/l2admin_error.log;
    access_log /var/log/nginx/l2admin_access.log;
}


server {
    if ($host = api.langu.io) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80 ;
    listen [::]:80;
    server_name api.langu.io;

    return 301 https://$server_name$request_uri;
}


server {
        listen 443 http2 ssl;
        listen [::]:443 http2 ssl;
        client_max_body_size 24000M;

        server_name api.langu.io;
        #ssl_certificate /etc/letsencrypt/live/api.langu.io/fullchain.pem; # managed by Certbot
        #ssl_certificate_key /etc/letsencrypt/live/api.langu.io/privkey.pem; # managed by Certbot
        ssl_certificate /etc/nginx/nginx-selfsigned.crt;
        ssl_certificate_key /etc/nginx/nginx-selfsigned.key;
        ssl_session_cache shared:SSL:50m;
        ssl_session_timeout 5m;
        ssl_prefer_server_ciphers on;

        root /var/www/langu/public;

        index index.php index.html index.htm index.nginx-debian.html;

        location = / {
                return 404;
        }


        location /api/ {
                gzip on;
                gzip_static on;
                try_files $uri /api.php/$is_args$args;
                access_log  off;
        }

        location ~ ^/(api|config)\.php(/|$) {
                gzip off;

                #auth_basic "L2 dev";
                #auth_basic_user_file /etc/nginx/.htpasswd;

                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi_params;
                fastcgi_pass php:9000;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_buffers 16 16k;
                fastcgi_buffer_size 32k;
                if ($http_origin ~* "^https?://(langu.io|pl.langu.io|es.langu.io|api.langu.io)$") {
                    set $cors "CORS";
                }
                if ($request_method != 'OPTIONS') {
                    set $cors "${cors} NOT-OPTIONS";
                }

               #if ($http_origin = ''){
               #     set $http_origin "*";
               # }

#                if ($request_method ~* "(GET|POST)") {
#                    add_header Access-Control-Allow-Origin "*";
#                }


                if ($cors = "CORS") {
                    add_header Access-Control-Allow-Origin "$http_origin";
                    #add_header Access-Control-Allow-Origin "*";
                    add_header Access-Control-Allow-Credentials "true";
                    add_header Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE";
                    add_header Access-Control-Allow-Headers "accept,cache-control,pragma,upgrade-insecure-requests, authorization, locale, cookie, content-type";
                    add_header Access-Control-Request-Headers "*";
                    return 200;
                }

                if ($cors = "CORS NOT-OPTIONS") {
                    add_header Access-Control-Allow-Origin "$http_origin";
                    #add_header Access-Control-Allow-Origin "*";
                    add_header Access-Control-Allow-Credentials "true";
                    add_header Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE";
                    add_header Access-Control-Allow-Headers "accept,cache-control,pragma,upgrade-insecure-requests, authorization, locale, cookie, content-type";
                    add_header Access-Control-Request-Headers "*";
                }


#                auth_basic "L2 dev";
#                auth_basic_user_file /etc/nginx/.htpasswd;
    }

#        auth_basic "L2 dev";
#        auth_basic_user_file /etc/nginx/.htpasswd;

    location ~ \.php$ {
      return 404;
    }

    location ~ /\.ht {
            deny all;
    }

    error_log /var/log/nginx/l2api_error.log;
    access_log /var/log/nginx/l2api_access.log;

}