diff options
author | Gary Wu <gary.i.wu@huawei.com> | 2018-11-13 16:02:27 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2018-11-13 16:02:27 +0000 |
commit | 9da32fdfc691e4f5df8f26607c5665b7a5063199 (patch) | |
tree | 2969e8dca7b06cd1d571f422e8fabfabe9ba7fcb /onap-offline/cfg/nginx.conf | |
parent | 1359ae6401357c9381c0f0e0cf997a48fb8272d2 (diff) | |
parent | b61f538e0c907ab84501bda27ea62cc1bfcbe369 (diff) |
Merge "Propagate rootCA to policy pods"3.0.1-ONAP3.0.0-ONAPcasablanca
Diffstat (limited to 'onap-offline/cfg/nginx.conf')
-rw-r--r-- | onap-offline/cfg/nginx.conf | 110 |
1 files changed, 110 insertions, 0 deletions
diff --git a/onap-offline/cfg/nginx.conf b/onap-offline/cfg/nginx.conf new file mode 100644 index 0000000..6656855 --- /dev/null +++ b/onap-offline/cfg/nginx.conf @@ -0,0 +1,110 @@ +worker_processes 2; + +events { + worker_connections 1024; +} + +http { + error_log /var/log/nginx/error.log debug; + access_log /var/log/nginx/access.log; + + proxy_intercept_errors on; + proxy_send_timeout 120; + proxy_read_timeout 300; + + upstream nexus { + server nexus:8081; + } + + upstream registry { + server nexus:8082; + } + +# http simulations + server { + listen 80; + listen 443 ssl; + server_name _; + ssl_certificate /etc/nginx/certs/nexus_server.crt; + ssl_certificate_key /etc/nginx/certs/nexus_server.key; + + keepalive_timeout 5 5; + + location / { + root /srv/http/$host; + index index.html; + } + } + +# nexus simulations + server { + listen 80; + listen 443 ssl; + server_name nexus.student12 gcr.io registry-1.docker.io docker.io registry.npmjs.org nexus3.onap.org docker.elastic.co registry.hub.docker.com repo.maven.apache.org repo1.maven.org; + ssl_certificate /etc/nginx/certs/nexus_server.crt; + ssl_certificate_key /etc/nginx/certs/nexus_server.key; + + keepalive_timeout 5 5; + proxy_buffering off; + + # allow large uploads + client_max_body_size 3G; + + location /maven2 { + rewrite /maven2/(.*) /repository/maven2/$1 break; + # redirect to docker registry + proxy_pass http://nexus; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + + location / { + # redirect to docker registry + if ($http_user_agent ~ docker ) { + proxy_pass http://registry; + } + proxy_pass http://nexus; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + } + +# git simulations + server { + listen 80; + listen 443 ssl; + server_name gerrit.onap.org git.rancher.io github.com; + ssl_certificate /etc/nginx/certs/nexus_server.crt; + ssl_certificate_key /etc/nginx/certs/nexus_server.key; + + keepalive_timeout 5 5; + proxy_buffering off; + + location / { + try_files $uri $uri/ @git; + } + + location @git { + + # Set chunks to unlimited, as the body's can be huge + client_max_body_size 0; + + fastcgi_param SCRIPT_FILENAME /usr/libexec/git-core/git-http-backend; + fastcgi_param QUERY_STRING $args; + fastcgi_param HTTP_HOST $server_name; + fastcgi_param PATH_INFO $uri; + + include fastcgi_params; + + fastcgi_param GIT_HTTP_EXPORT_ALL ""; + fastcgi_param GIT_PROJECT_ROOT /srv/git/$host/; + + # Forward REMOTE_USER as we want to know when we are authenticated + fastcgi_param REMOTE_USER $remote_user; + + fastcgi_pass unix:/var/run/fcgiwrap.socket; + } + } +} |