lostbean · March 6, 2024 13:01
diff --git a/nginx.conf b/nginx.conf
 error_log /var/log/nginx/error.log debug;
 pid /var/run/nginx.pid;

 events {
    worker_connections 1024;
 }

 http {
    log_format proxy_log
        '[$time_local] $remote_addr - $remote_user "$host$request_uri" '
        '$status $body_bytes_sent "$http_referer" '
        '"$http_user_agent" "$http_x_forwarded_for"'
        ' Proxy: "$proxy_host" "$upstream_addr"';

    proxy_cache_path cache/
        levels=1:2
        keys_zone=auth_cache:5m
        max_size=96m
        inactive=10m
        use_temp_path=off;

    map $http_upgrade $connection_upgrade {
        default upgrade;
        ''      close;
    }

    upstream host_service {
       server host.docker.internal:4000;
    }

    # Reverse Proxy for exposing service's ports
    server {
        set $token '<TOKEN>';
        set $instance_id '<INSTANCE>';

        listen 80;
        access_log /var/log/nginx/access.log proxy_log;
        server_name localhost

        # this is the upstream DNS resolver in AWS, all VPCs have this set as default: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#AmazonDNS
        # Note if you are running this container outside of the AWS VPC, e.g. locally, you need to point to another resolver/gateway IP.
        resolver 10.0.0.2 valid=10s;
        keepalive_timeout 600 600;

        location /gateway {
            # Rewrite requests for build assets so that the em backend can resolve them.
            proxy_http_version 1.1;
            proxy_pass https://cloud.kurtosis.com/gateway;
            proxy_set_header Cookie "_kurtosis_jwt_token=$token";
            proxy_set_header Authorization "Bearer $token";
            proxy_set_header Host cloud.kurtosis.com;
            proxy_pass_request_headers on;
        }

        location /api/ {
            # Send all other requests on the gateway down to the em backend - they are either api requests or url requests which need index.html
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_pass https://engine-<INSTANCE_SHORT>.cloud.kurtosis.com/api/;
            proxy_set_header Cookie "_kurtosis_instance_id=$instance_id; _kurtosis_jwt_token=$token; kurtosis=$token";
            proxy_set_header Authorization "Bearer $token";
            proxy_set_header Host engine-<INSTANCE_SHORT>.cloud.kurtosis.com;
            proxy_pass_request_headers on;
        }

        # We want this to be the last match:
        location / {
            proxy_pass http://host_service;
            proxy_pass_request_headers on;
        }
    }

 }
	error_log /var/log/nginx/error.log debug;
	pid /var/run/nginx.pid;

	events {
	worker_connections 1024;
	}

	http {
	log_format proxy_log
	'[$time_local] $remote_addr - $remote_user "$host$request_uri" '
	'$status $body_bytes_sent "$http_referer" '
	'"$http_user_agent" "$http_x_forwarded_for"'
	' Proxy: "$proxy_host" "$upstream_addr"';

	proxy_cache_path cache/
	levels=1:2
	keys_zone=auth_cache:5m
	max_size=96m
	inactive=10m
	use_temp_path=off;

	map $http_upgrade $connection_upgrade {
	default upgrade;
	'' close;
	}

	upstream host_service {
	server host.docker.internal:4000;
	}

	# Reverse Proxy for exposing service's ports
	server {
	set $token '<TOKEN>';
	set $instance_id '<INSTANCE>';

	listen 80;
	access_log /var/log/nginx/access.log proxy_log;
	server_name localhost

	# this is the upstream DNS resolver in AWS, all VPCs have this set as default: https://docs.aws.amazon.com/vpc/latest/userguide/vpc-dns.html#AmazonDNS
	# Note if you are running this container outside of the AWS VPC, e.g. locally, you need to point to another resolver/gateway IP.
	resolver 10.0.0.2 valid=10s;
	keepalive_timeout 600 600;

	location /gateway {
	# Rewrite requests for build assets so that the em backend can resolve them.
	proxy_http_version 1.1;
	proxy_pass https://cloud.kurtosis.com/gateway;
	proxy_set_header Cookie "_kurtosis_jwt_token=$token";
	proxy_set_header Authorization "Bearer $token";
	proxy_set_header Host cloud.kurtosis.com;
	proxy_pass_request_headers on;
	}

	location /api/ {
	# Send all other requests on the gateway down to the em backend - they are either api requests or url requests which need index.html
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection "upgrade";
	proxy_pass https://engine-<INSTANCE_SHORT>.cloud.kurtosis.com/api/;
	proxy_set_header Cookie "_kurtosis_instance_id=$instance_id; _kurtosis_jwt_token=$token; kurtosis=$token";
	proxy_set_header Authorization "Bearer $token";
	proxy_set_header Host engine-<INSTANCE_SHORT>.cloud.kurtosis.com;
	proxy_pass_request_headers on;
	}

	# We want this to be the last match:
	location / {
	proxy_pass http://host_service;
	proxy_pass_request_headers on;
	}
	}

	}