mwcz/scrapbook.conf

## scrapbook.conf
# map the cp-local user hostnames to the remote environment hostnames
map $http_host $upstream_host {
    ~^dev-.*\.domain\.com$        real.domain.com;
}

# Listen on port 80, but redirect to https/443

server {
    listen         80;
    server_name  ~^(dev|qa|stage|prod).*\.domain\.com$;
    return         301 https://$host$request_uri;
}

# Local proxy for Customer Portal environments (access.*.redhat.com)

server {

    listen 443;
    server_name  ~^(dev|qa|stage|prod).*\.domain\.com$;

    access_log  logs/access.log;

    disable_symlinks off;

    ssl on;
    ssl_certificate      ssl/server.crt;
    ssl_certificate_key  ssl/server.key;
    ssl_session_timeout  5m;
    ssl_protocols  SSLv2 SSLv3 TLSv1;
    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers   on;

    gzip  on;
    gzip_comp_level 2;
    gzip_http_version 1.1;
    gzip_proxied any;
    gzip_types      text/plain text/css text/xml application/xml application/xml+rss text/javascript application/x-javascript application/javascript application/octet-stream;

    # include configs for any locally-running services.  for example, if you
    # run a local chrome service, or clientlogproxy, or any other local
    # service, create a conf file for it in services-enabled/
    #
    # a few common services exist in services-available which you can either
    # enable by creating symlinks to them, or use as references for creating
    # custom configurations for your own service.

    include /etc/nginx/conf.d/services-enabled/*.conf;

    location = / {
        root {{ SCRAPS_DIR }};
        try_files /index.html @remote;
    }

    # Now we're home free, if ANY incoming request's path exists inside
    # scrapbook, serve it up, otherwise proxy_pass to the remote environment.

    location / {
        root {{ SCRAPS_DIR }};
        index index.html;
        autoindex on;
        try_files $uri $uri/ @remote;
    }

    location @remote {

        proxy_pass https://$upstream_host;
        proxy_pass_request_body on;
        proxy_ssl_session_reuse on;
        proxy_buffer_size   128k;
        proxy_buffers   4 256k;
        proxy_busy_buffers_size   256k;
        proxy_intercept_errors on;

        # disable gzip so the text substitution below can work

        proxy_set_header Accept-Encoding "";

        # replace all instances of the upstream hostname with the cp-local hostname.

        sub_filter $upstream_host $http_host;
        sub_filter_types text/plain text/javascript text/css application/javascript application/json;
        sub_filter_once off;

    }
}
	# map the cp-local user hostnames to the remote environment hostnames
	map $http_host $upstream_host {
	~^dev-.*\.domain\.com$ real.domain.com;
	}

	# Listen on port 80, but redirect to https/443

	server {
	listen 80;
	server_name ~^(dev\|qa\|stage\|prod).*\.domain\.com$;
	return 301 https://$host$request_uri;
	}

	# Local proxy for Customer Portal environments (access.*.redhat.com)

	server {

	listen 443;
	server_name ~^(dev\|qa\|stage\|prod).*\.domain\.com$;

	access_log logs/access.log;

	disable_symlinks off;

	ssl on;
	ssl_certificate ssl/server.crt;
	ssl_certificate_key ssl/server.key;
	ssl_session_timeout 5m;
	ssl_protocols SSLv2 SSLv3 TLSv1;
	ssl_ciphers HIGH:!aNULL:!MD5;
	ssl_prefer_server_ciphers on;

	gzip on;
	gzip_comp_level 2;
	gzip_http_version 1.1;
	gzip_proxied any;
	gzip_types text/plain text/css text/xml application/xml application/xml+rss text/javascript application/x-javascript application/javascript application/octet-stream;

	# include configs for any locally-running services. for example, if you
	# run a local chrome service, or clientlogproxy, or any other local
	# service, create a conf file for it in services-enabled/
	#
	# a few common services exist in services-available which you can either
	# enable by creating symlinks to them, or use as references for creating
	# custom configurations for your own service.

	include /etc/nginx/conf.d/services-enabled/*.conf;

	location = / {
	root {{ SCRAPS_DIR }};
	try_files /index.html @remote;
	}

	# Now we're home free, if ANY incoming request's path exists inside
	# scrapbook, serve it up, otherwise proxy_pass to the remote environment.

	location / {
	root {{ SCRAPS_DIR }};
	index index.html;
	autoindex on;
	try_files $uri $uri/ @remote;
	}

	location @remote {

	proxy_pass https://$upstream_host;
	proxy_pass_request_body on;
	proxy_ssl_session_reuse on;
	proxy_buffer_size 128k;
	proxy_buffers 4 256k;
	proxy_busy_buffers_size 256k;
	proxy_intercept_errors on;

	# disable gzip so the text substitution below can work

	proxy_set_header Accept-Encoding "";

	# replace all instances of the upstream hostname with the cp-local hostname.

	sub_filter $upstream_host $http_host;
	sub_filter_types text/plain text/javascript text/css application/javascript application/json;
	sub_filter_once off;

	}
	}