summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/main/docker/frontend/Dockerfile16
-rw-r--r--src/main/docker/frontend/nginx/default.conf25
-rw-r--r--src/main/docker/frontend/nginx/nginx.conf43
3 files changed, 57 insertions, 27 deletions
diff --git a/src/main/docker/frontend/Dockerfile b/src/main/docker/frontend/Dockerfile
index 1bcf4b06c..660fb8240 100644
--- a/src/main/docker/frontend/Dockerfile
+++ b/src/main/docker/frontend/Dockerfile
@@ -49,7 +49,19 @@ COPY --from=build /app/build /usr/share/nginx/html
COPY --from=build /app/ssl /etc/ssl
RUN rm /etc/nginx/conf.d/default.conf
RUN ln -sf /dev/stdout /var/log/nginx/access.log && ln -sf /dev/stderr /var/log/nginx/error.log
-COPY nginx/nginx.conf /etc/nginx/conf.d
-EXPOSE 443
+
+COPY nginx/nginx.conf /etc/nginx/nginx.conf
+COPY nginx/default.conf /etc/nginx/conf.d/default.conf
+
+WORKDIR /app
+
+RUN chown -R clamp:onap /app && chmod -R 755 /app && \
+ chown -R clamp:onap /var/cache/nginx && \
+ chown -R clamp:onap /var/log/nginx && \
+ chown -R clamp:onap /etc/nginx/conf.d
+RUN touch /var/run/nginx.pid && \
+ chown -R clamp:onap /var/run/nginx.pid
+
USER clamp
+EXPOSE 2443
CMD ["nginx", "-g", "daemon off;"] \ No newline at end of file
diff --git a/src/main/docker/frontend/nginx/default.conf b/src/main/docker/frontend/nginx/default.conf
new file mode 100644
index 000000000..b15429c74
--- /dev/null
+++ b/src/main/docker/frontend/nginx/default.conf
@@ -0,0 +1,25 @@
+server {
+
+ listen 2443 default ssl;
+ ssl_protocols TLSv1.2;
+ ssl_certificate /etc/ssl/clamp.pem;
+ ssl_certificate_key /etc/ssl/clamp.key;
+ ssl_verify_client optional_no_ca;
+ location /restservices/clds/ {
+ proxy_pass https://clamp-backend:8443;
+ proxy_set_header X-SSL-Cert $ssl_client_escaped_cert;
+ }
+
+ location / {
+ root /usr/share/nginx/html;
+ index index.html index.htm;
+ try_files $uri $uri/ /index.html;
+ }
+
+ error_page 500 502 503 504 /50x.html;
+
+ location = /50x.html {
+ root /usr/share/nginx/html;
+ }
+
+} \ No newline at end of file
diff --git a/src/main/docker/frontend/nginx/nginx.conf b/src/main/docker/frontend/nginx/nginx.conf
index e18c1e831..beeb2b1eb 100644
--- a/src/main/docker/frontend/nginx/nginx.conf
+++ b/src/main/docker/frontend/nginx/nginx.conf
@@ -1,25 +1,18 @@
-server {
-
- listen 443 default ssl;
- ssl_protocols TLSv1.2;
- ssl_certificate /etc/ssl/clamp.pem;
- ssl_certificate_key /etc/ssl/clamp.key;
- ssl_verify_client optional_no_ca;
- location /restservices/clds/ {
- proxy_pass https://clamp-backend:8443;
- proxy_set_header X-SSL-Cert $ssl_client_escaped_cert;
- }
-
- location / {
- root /usr/share/nginx/html;
- index index.html index.htm;
- try_files $uri $uri/ /index.html;
- }
-
- error_page 500 502 503 504 /50x.html;
-
- location = /50x.html {
- root /usr/share/nginx/html;
- }
-
-} \ No newline at end of file
+worker_processes 1;
+pid /var/run/nginx.pid;
+error_log /dev/stdout info;
+events {
+}
+http {
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+ access_log /var/log/nginx/access.log main;
+ sendfile on;
+ #tcp_nopush on;
+ keepalive_timeout 65;
+ #gzip on;
+ include /etc/nginx/conf.d/*.conf;
+ } \ No newline at end of file