Created
January 30, 2022 18:37
-
-
Save haigopi/21d814166c212f94a1696cefc13b6d29 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| user nginx nginx; | |
| worker_processes 2; | |
| error_log stderr warn; | |
| events { worker_connections 4096; } | |
| http { | |
| include /etc/nginx/mime.types; | |
| server_tokens off; | |
| client_max_body_size 32m; | |
| proxy_buffer_size 128k; | |
| proxy_buffers 4 256k; | |
| proxy_busy_buffers_size 256k; | |
| add_header 'Access-Control-Allow-Origin' ''; | |
| upstream gw_server { | |
| server gateway:8080; | |
| keepalive 128; | |
| } | |
| upstream auth_server { | |
| server keycloak:9080; | |
| keepalive 128; | |
| } | |
| upstream registry_server { | |
| server jhipster-registry:8761; | |
| keepalive 128; | |
| } | |
| upstream kibana_server { | |
| server kibana:5601; | |
| keepalive 128; | |
| } | |
| upstream prometheus_server { | |
| server prometheus:9090; | |
| keepalive 128; | |
| } | |
| upstream grafana_server { | |
| server grafana:3000; | |
| keepalive 128; | |
| } | |
| server { | |
| listen 80; | |
| listen [::]:80; | |
| server_name *.mydomain.com; | |
| } | |
| server { | |
| server_name gateway.mydomain.com; | |
| location ^~ /.well-known/acme-challenge { | |
| allow all; | |
| root /etc/letsencrypt/; | |
| } | |
| location / { | |
| proxy_pass http://gw_server; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Forwarded-Host $server_name; | |
| # 86400 seconds (24 hours) is the maximum a server is allowed. | |
| proxy_send_timeout 86400s; | |
| proxy_read_timeout 86400s; | |
| } | |
| } | |
| server { | |
| server_name auth.mydomain.com; | |
| location ^~ /.well-known/acme-challenge { | |
| allow all; | |
| root /etc/letsencrypt/; | |
| } | |
| location / { | |
| proxy_pass http://auth_server/; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Forwarded-For $host; | |
| proxy_set_header X-Forwarded-Proto $scheme; | |
| add_header X-Frame-Options ""; | |
| } | |
| location /auth/ { | |
| proxy_pass http://auth_server/auth/; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Forwarded-Host $host; | |
| proxy_set_header X-Forwarded-Server $host; | |
| proxy_set_header X-Forwarded-Port $server_port; | |
| proxy_set_header X-Forwarded-Proto $scheme; | |
| } | |
| } | |
| server { | |
| server_name registry.mydomain.com; | |
| location ^~ /.well-known/acme-challenge { | |
| allow all; | |
| root /etc/letsencrypt/; | |
| } | |
| location / { | |
| proxy_pass http://registry_server; | |
| proxy_redirect off; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Forwarded-Host $server_name; | |
| # 86400 seconds (24 hours) is the maximum a server is allowed. | |
| proxy_send_timeout 86400s; | |
| proxy_read_timeout 86400s; | |
| } | |
| } | |
| server { | |
| server_name kibana.mydomain.com; | |
| location ^~ /.well-known/acme-challenge { | |
| allow all; | |
| root /etc/letsencrypt/; | |
| } | |
| location / { | |
| proxy_pass http://kibana_server; | |
| proxy_redirect off; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Forwarded-Host $server_name; | |
| proxy_send_timeout 86400s; | |
| proxy_read_timeout 86400s; | |
| } | |
| } | |
| server { | |
| server_name grafana.mydomain.com; | |
| location ^~ /.well-known/acme-challenge { | |
| allow all; | |
| root /etc/letsencrypt/; | |
| } | |
| location / { | |
| proxy_pass http://grafana_server; | |
| proxy_redirect off; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Forwarded-Host $server_name; | |
| proxy_send_timeout 86400s; | |
| proxy_read_timeout 86400s; | |
| } | |
| } | |
| server { | |
| server_name prometheus.mydomain.com; | |
| location ^~ /.well-known/acme-challenge { | |
| allow all; | |
| root /etc/letsencrypt/; | |
| } | |
| location / { | |
| proxy_pass http://prometheus_server; | |
| proxy_redirect off; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header X-Forwarded-Host $server_name; | |
| proxy_send_timeout 86400s; | |
| proxy_read_timeout 86400s; | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment