blob: fb48565f6af04f2fe898f72d7b173c9060f3d879 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
worker_processes 2;
events {
worker_connections 1024;
}
http {
error_log /var/log/nginx/error.log debug;
access_log /var/log/nginx/access.log;
proxy_intercept_errors on;
proxy_send_timeout 120;
proxy_read_timeout 300;
upstream nexus {
server nexus:8081;
}
upstream registry {
server nexus:8082;
}
# http simulations
server {
listen 80;
listen 443 ssl;
server_name _;
ssl_certificate /etc/nginx/certs/nexus_server.crt;
ssl_certificate_key /etc/nginx/certs/nexus_server.key;
keepalive_timeout 5 5;
location / {
root /srv/http/$host;
index index.html;
}
}
# nexus simulations
server {
listen 80;
listen 443 ssl;
server_name {% for host in simulated_hosts.nexus -%}
{{ host + " " }}
{%- endfor %};
ssl_certificate /etc/nginx/certs/nexus_server.crt;
ssl_certificate_key /etc/nginx/certs/nexus_server.key;
keepalive_timeout 5 5;
proxy_buffering off;
# allow large uploads
client_max_body_size 3G;
location / {
# redirect to docker registry
if ($http_user_agent ~ docker ) {
proxy_pass http://registry;
}
proxy_pass http://nexus;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
# git simulations
server {
listen 80;
listen 443 ssl;
server_name {% for host in simulated_hosts.git -%}
{{ host + " " }}
{%- endfor %};
ssl_certificate /etc/nginx/certs/nexus_server.crt;
ssl_certificate_key /etc/nginx/certs/nexus_server.key;
keepalive_timeout 5 5;
proxy_buffering off;
location / {
try_files $uri $uri/ @git;
}
location @git {
# Set chunks to unlimited, as the body's can be huge
client_max_body_size 0;
fastcgi_param SCRIPT_FILENAME /usr/libexec/git-core/git-http-backend;
fastcgi_param QUERY_STRING $args;
fastcgi_param HTTP_HOST $server_name;
fastcgi_param PATH_INFO $uri;
include fastcgi_params;
fastcgi_param GIT_HTTP_EXPORT_ALL "";
fastcgi_param GIT_PROJECT_ROOT /srv/git/$host/;
# Forward REMOTE_USER as we want to know when we are authenticated
fastcgi_param REMOTE_USER $remote_user;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
}
}
}
|