LucasMallmann/baseNginx.conf

## baseNginx.conf
user                 root;
worker_processes     5;
error_log            /var/log/nginx/error.log;
pid                  /var/run/nginx.pid;
worker_rlimit_nofile 8192;

events {
    worker_connections 4096;
}

http {

    include      /etc/nginx/mime.types;
    default_type application/json;

    server_names_hash_bucket_size 128;


    # Server Config
    server {

        listen      443 ssl http2;
        listen [::]:443 ssl http2;
        server_name pwa.pling.net.br;

        # ssl
        ssl_certificate     '/etc/ssl/certs/intermediate.crt';
        ssl_certificate_key '/etc/ssl/certs/private-key.key';
        ssl_session_timeout 1d;
        ssl_session_cache 'shared:SSL:1m';
        ssl_session_tickets off;
        ssl_protocols 'TLSv1.2';
        ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
        ssl_prefer_server_ciphers on;

        # gzip
        gzip on;
        gzip_disable "msie6";
        gzip_static  always;
        gzip_comp_level 6;
        gzip_min_length 1100;
        gzip_buffers 16 8k;
        gzip_proxied any;
        gzip_types
          text/plain
          text/css
          text/js
          text/xml
          text/javascript
          application/javascript
          application/x-javascript
          application/json
          application/xml
          application/rss+xml
          image/png
          image/jpeg
          image/svg+xml;

        client_max_body_size 50M;

        # Packing
        sendfile on;

        charset utf-8;

        # HSTS
        add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains';
        add_header X-Cache $upstream_cache_status;

        # Server logs
        access_log /var/log/nginx/pwa.access.log;
        error_log /var/log/nginx/pwa.error.log;

        # Keep a live config
        keepalive_timeout 70;

        location / {
            proxy_pass http://localhost:8096;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
        }

        location /admin/ {
            proxy_pass http://127.0.0.1:8098/;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
        }

        location /login/ {
            proxy_pass http://127.0.0.1:8081/;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
        }

        location /site-builder/ {
            proxy_pass http://127.0.0.1:8104/;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
        }

        location /blog/ {
            proxy_pass http://127.0.0.1:8107/;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
        }

        location /agenda/ {
          proxy_pass http://localhost:8114/;
          proxy_http_version 1.1;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection 'upgrade';
          proxy_set_header Host $host;
          proxy_cache_bypass $http_upgrade;
        }


        location /marca/ {
          proxy_pass http://localhost:8100/;
          proxy_http_version 1.1;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection 'upgrade';
          proxy_set_header Host $host;
          proxy_cache_bypass $http_upgrade;
        }

        location /presenca/ {
          proxy_pass http://localhost:8106/;
          proxy_http_version 1.1;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection 'upgrade';
          proxy_set_header Host $host;
          proxy_cache_bypass $http_upgrade;
        }

        location /sistema/ {
          proxy_pass http://localhost:8103/;
          proxy_http_version 1.1;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection 'upgrade';
          proxy_set_header Host $host;
          proxy_cache_bypass $http_upgrade;
        }

        location /covid/ {
          proxy_pass http://localhost:8116/;
          proxy_http_version 1.1;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection 'upgrade';
          proxy_set_header Host $host;
          proxy_cache_bypass $http_upgrade;
        }

        location /recompensas/ {
          proxy_pass http://localhost:8119/;
          proxy_http_version 1.1;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection 'upgrade';
          proxy_set_header Host $host;
          proxy_cache_bypass $http_upgrade;
        }

        location /email/ {
          proxy_pass http://localhost:8084/;
          proxy_http_version 1.1;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection 'upgrade';
          proxy_set_header Host $host;
          proxy_cache_bypass $http_upgrade;
        }

        location /universos/ {
            proxy_pass http://127.0.0.1:8085/;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
        }

        location /http-bind {
                proxy_pass http://127.0.0.1:5280/http-bind;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-For $remote_addr;
                proxy_buffering off;
                tcp_nodelay on;
        }

        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
          root /usr/share/nginx/html;
          internal;
        }
    }


    server {


        listen      443 ssl http2;
        listen [::]:443 ssl http2;
       server_name jitsi.pling.net.br;

        # ssl
        ssl_certificate     '/etc/ssl/certs/intermediate.crt';
        ssl_certificate_key '/etc/ssl/certs/private-key.key';
        ssl_session_timeout 1d;
        ssl_session_cache 'shared:SSL:1m';
        ssl_session_tickets off;
        ssl_protocols 'TLSv1.2';
        ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
        ssl_prefer_server_ciphers on;

        location / {
            proxy_pass http://localhost:81;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
        }

        location /http-bind {
                proxy_pass http://localhost:5280/http-bind;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-For $remote_addr;
                proxy_buffering off;
                tcp_nodelay on;
        }

        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
          root /usr/share/nginx/html;
          internal;
        }
    }
}
	user root;
	worker_processes 5;
	error_log /var/log/nginx/error.log;
	pid /var/run/nginx.pid;
	worker_rlimit_nofile 8192;

	events {
	worker_connections 4096;
	}

	http {

	include /etc/nginx/mime.types;
	default_type application/json;

	server_names_hash_bucket_size 128;


	# Server Config
	server {

	listen 443 ssl http2;
	listen [::]:443 ssl http2;
	server_name pwa.pling.net.br;

	# ssl
	ssl_certificate '/etc/ssl/certs/intermediate.crt';
	ssl_certificate_key '/etc/ssl/certs/private-key.key';
	ssl_session_timeout 1d;
	ssl_session_cache 'shared:SSL:1m';
	ssl_session_tickets off;
	ssl_protocols 'TLSv1.2';
	ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
	ssl_prefer_server_ciphers on;

	# gzip
	gzip on;
	gzip_disable "msie6";
	gzip_static always;
	gzip_comp_level 6;
	gzip_min_length 1100;
	gzip_buffers 16 8k;
	gzip_proxied any;
	gzip_types
	text/plain
	text/css
	text/js
	text/xml
	text/javascript
	application/javascript
	application/x-javascript
	application/json
	application/xml
	application/rss+xml
	image/png
	image/jpeg
	image/svg+xml;

	client_max_body_size 50M;

	# Packing
	sendfile on;

	charset utf-8;

	# HSTS
	add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains';
	add_header X-Cache $upstream_cache_status;

	# Server logs
	access_log /var/log/nginx/pwa.access.log;
	error_log /var/log/nginx/pwa.error.log;

	# Keep a live config
	keepalive_timeout 70;

	location / {
	proxy_pass http://localhost:8096;
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection 'upgrade';
	proxy_set_header Host $host;
	proxy_cache_bypass $http_upgrade;
	}

	location /admin/ {
	proxy_pass http://127.0.0.1:8098/;
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection 'upgrade';
	proxy_set_header Host $host;
	proxy_cache_bypass $http_upgrade;
	}

	location /login/ {
	proxy_pass http://127.0.0.1:8081/;
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection 'upgrade';
	proxy_set_header Host $host;
	proxy_cache_bypass $http_upgrade;
	}

	location /site-builder/ {
	proxy_pass http://127.0.0.1:8104/;
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection 'upgrade';
	proxy_set_header Host $host;
	proxy_cache_bypass $http_upgrade;
	}

	location /blog/ {
	proxy_pass http://127.0.0.1:8107/;
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection 'upgrade';
	proxy_set_header Host $host;
	proxy_cache_bypass $http_upgrade;
	}

	location /agenda/ {
	proxy_pass http://localhost:8114/;
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection 'upgrade';
	proxy_set_header Host $host;
	proxy_cache_bypass $http_upgrade;
	}


	location /marca/ {
	proxy_pass http://localhost:8100/;
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection 'upgrade';
	proxy_set_header Host $host;
	proxy_cache_bypass $http_upgrade;
	}

	location /presenca/ {
	proxy_pass http://localhost:8106/;
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection 'upgrade';
	proxy_set_header Host $host;
	proxy_cache_bypass $http_upgrade;
	}

	location /sistema/ {
	proxy_pass http://localhost:8103/;
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection 'upgrade';
	proxy_set_header Host $host;
	proxy_cache_bypass $http_upgrade;
	}

	location /covid/ {
	proxy_pass http://localhost:8116/;
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection 'upgrade';
	proxy_set_header Host $host;
	proxy_cache_bypass $http_upgrade;
	}

	location /recompensas/ {
	proxy_pass http://localhost:8119/;
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection 'upgrade';
	proxy_set_header Host $host;
	proxy_cache_bypass $http_upgrade;
	}

	location /email/ {
	proxy_pass http://localhost:8084/;
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection 'upgrade';
	proxy_set_header Host $host;
	proxy_cache_bypass $http_upgrade;
	}

	location /universos/ {
	proxy_pass http://127.0.0.1:8085/;
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection 'upgrade';
	proxy_set_header Host $host;
	proxy_cache_bypass $http_upgrade;
	}

	location /http-bind {
	proxy_pass http://127.0.0.1:5280/http-bind;
	proxy_set_header Host $host;
	proxy_set_header X-Forwarded-For $remote_addr;
	proxy_buffering off;
	tcp_nodelay on;
	}

	error_page 500 502 503 504 /50x.html;
	location = /50x.html {
	root /usr/share/nginx/html;
	internal;
	}
	}


	server {


	listen 443 ssl http2;
	listen [::]:443 ssl http2;
	server_name jitsi.pling.net.br;

	# ssl
	ssl_certificate '/etc/ssl/certs/intermediate.crt';
	ssl_certificate_key '/etc/ssl/certs/private-key.key';
	ssl_session_timeout 1d;
	ssl_session_cache 'shared:SSL:1m';
	ssl_session_tickets off;
	ssl_protocols 'TLSv1.2';
	ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
	ssl_prefer_server_ciphers on;

	location / {
	proxy_pass http://localhost:81;
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection 'upgrade';
	proxy_set_header Host $host;
	proxy_cache_bypass $http_upgrade;
	}

	location /http-bind {
	proxy_pass http://localhost:5280/http-bind;
	proxy_set_header Host $host;
	proxy_set_header X-Forwarded-For $remote_addr;
	proxy_buffering off;
	tcp_nodelay on;
	}

	error_page 500 502 503 504 /50x.html;
	location = /50x.html {
	root /usr/share/nginx/html;
	internal;
	}
	}
	}