From bf42da89acb244b4897e4660393dddaa5a182c73 Mon Sep 17 00:00:00 2001 From: Emmanuel Garette Date: Fri, 11 Mar 2022 19:55:02 +0100 Subject: [PATCH] better nginx support --- .../2022.03.08/base/templates/locale.conf | 1 + .../templates/revprox-nginx.conf | 37 ++++--------------- .../dictionaries/20_nginx_client.xml | 3 +- 3 files changed, 11 insertions(+), 30 deletions(-) create mode 100644 seed/applicationservice/2022.03.08/base/templates/locale.conf diff --git a/seed/applicationservice/2022.03.08/base/templates/locale.conf b/seed/applicationservice/2022.03.08/base/templates/locale.conf new file mode 100644 index 00000000..8ba0ee01 --- /dev/null +++ b/seed/applicationservice/2022.03.08/base/templates/locale.conf @@ -0,0 +1 @@ +LANG=fr_FR.UTF-8 diff --git a/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/templates/revprox-nginx.conf b/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/templates/revprox-nginx.conf index 3105fed1..415f406a 100644 --- a/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/templates/revprox-nginx.conf +++ b/seed/applicationservice/2022.03.08/nginx-reverse-proxy-server/templates/revprox-nginx.conf @@ -5,36 +5,15 @@ # Configuration HTTP %%domainname server { listen 80; - %if %%wildcard - %set %%prefix = "*." - %else - %set %%prefix = "" - %end if - server_name %%prefix%%domainname; + server_name %%domainname; error_page 403 404 502 503 504 /error.html; - location = /error.html{ - root /var/www/html; - } - %for %%location in %%revprox['revprox_location_' + family] - %set %%location_str = %%str(%%location) - %if %%location_str != '/' and %%location_str.endswith('/') - %set %%location_str = %%location_str[:-1] - %end if - location %%location_str { -%if %%wildcard - if ($host ~* ".%%domainname" ) { -%else - if ($host = "%%domainname" ) { -%end if + location / { rewrite ^(.*) https://$host$1 permanent; break; } - index error.html; - root /var/www/html; } # FIXME return 301 https://www.domain.com$request_uri; => https://www.nginx.com/blog/creating-nginx-rewrite-rules/ - %end for } # Configuration HTTPS %%domainname @@ -50,13 +29,13 @@ server { } %for %%location in %%revprox['revprox_location_' + family] + %set %%location_str = %%str(%%location) location %%location { - # FIXME proxy_bind A.A.A.A; proxy_pass %%location['revprox_url_' + family]; -# %if %%location['revprox_is_websocket_' + family] -# proxy_set_header Upgrade $http_upgrade; -# proxy_set_header Connection "upgrade"; -# %else + %if %%location['revprox_is_websocket_' + family] + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + %else proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Host $host; @@ -65,7 +44,7 @@ server { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Destination $dest; -# %end if + %end if proxy_ssl_trusted_certificate /etc/pki/ca-trust/source/anchors/ca_ReverseProxy.crt; proxy_ssl_verify on; proxy_ssl_verify_depth 2; diff --git a/seed/applicationservice/2022.03.08/reverse-proxy-client/dictionaries/20_nginx_client.xml b/seed/applicationservice/2022.03.08/reverse-proxy-client/dictionaries/20_nginx_client.xml index 15689525..194346ad 100644 --- a/seed/applicationservice/2022.03.08/reverse-proxy-client/dictionaries/20_nginx_client.xml +++ b/seed/applicationservice/2022.03.08/reverse-proxy-client/dictionaries/20_nginx_client.xml @@ -79,7 +79,8 @@ revprox_client_server_domainname revprox_is_websocket revprox_client_external_domainname - + revprox_location + revprox_client_location revprox_client_is_websocket