Created
October 22, 2020 18:27
-
-
Save tghastings/7f25b73b5fa3da79858c7a1221f0e9c8 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[root@harper (/srv/docker/nginx/config)]# cat nginx.conf | |
worker_processes 5; ## Default: 1 | |
error_log logs/error.log; | |
pid logs/nginx.pid; | |
worker_rlimit_nofile 8192; | |
events { | |
worker_connections 4096; ## Default: 1024 | |
} | |
http { | |
index index.html index.htm index.php; | |
default_type application/octet-stream; | |
log_format main '$remote_addr - $remote_user [$time_local] $status ' | |
'"$request" $body_bytes_sent "$http_referer" ' | |
'"$http_user_agent" "$http_x_forwarded_for"'; | |
access_log logs/access.log main; | |
sendfile on; | |
tcp_nopush on; | |
server_names_hash_bucket_size 128; # this seems to be required for some vhosts | |
client_max_body_size 500m; | |
server { # gitlab | |
listen 80; | |
server_name gitlab.service; | |
access_log logs/gitlab.log main; | |
# pass requests | |
location / { | |
proxy_read_timeout 300; | |
proxy_connect_timeout 300; | |
proxy_redirect off; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
proxy_set_header Host $http_host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Frame-Options SAMEORIGIN; | |
proxy_pass http://gitlab:80; | |
} | |
} | |
########################################################### | |
## this configuration was generated by JFrog Artifactory ## | |
########################################################### | |
## server configuration | |
# server { | |
# | |
# listen 80 ; | |
# | |
# server_name artifactory.service; | |
# if ($http_x_forwarded_proto = '') { | |
# set $http_x_forwarded_proto $scheme; | |
# } | |
## Application specific logs | |
## access_log /var/log/nginx/artifactory.jfrog.com-access.log timing; | |
## error_log /var/log/nginx/artifactory.jfrog.com-error.log; | |
# rewrite ^/$ /webapp/ redirect; | |
# rewrite ^/?(/webapp)?$ /webapp/ redirect; | |
# chunked_transfer_encoding on; | |
# client_max_body_size 0; | |
# location / { | |
# proxy_read_timeout 900; | |
# proxy_pass_header Server; | |
# proxy_cookie_path ~*^/.* /; | |
# if ( $request_uri ~ ^/(.*)$ ) { | |
# proxy_pass http://artifactory:8085/$1; | |
# } | |
# proxy_pass http://artifactory:8085/; | |
# proxy_set_header X-Artifactory-Override-Base-Url $http_x_forwarded_proto://$host:$server_port; | |
# proxy_set_header X-Forwarded-Port $server_port; | |
# proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; | |
# proxy_set_header Host $http_host; | |
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
# } | |
# } | |
## server configuration | |
# server { | |
# listen 5000; | |
# | |
# server_name artifactory.service; | |
# if ($http_x_forwarded_proto = '') { | |
# set $http_x_forwarded_proto $scheme; | |
# } | |
## Application specific logs | |
## access_log /var/log/nginx/artifactory.in-access.log timing; | |
## error_log /var/log/nginx/artifactory.in-error.log; | |
# rewrite ^/(v1|v2)/(.*) /api/docker/docker-main/$1/$2; | |
# chunked_transfer_encoding on; | |
# client_max_body_size 0; | |
# location / { | |
# proxy_read_timeout 900; | |
# proxy_pass_header Server; | |
# proxy_cookie_path ~*^/.* /; | |
# proxy_pass http://artifactory:8083/artifactory/; | |
# proxy_set_header X-Artifactory-Override-Base-Url $http_x_forwarded_proto://$host:$server_port; | |
# proxy_set_header X-Forwarded-Port $server_port; | |
# proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; | |
# proxy_set_header Host $http_host; | |
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
# } | |
# } | |
########################################################### | |
## this configuration was generated by JFrog Artifactory ## | |
########################################################### | |
## server configuration | |
server { | |
listen 80 ; | |
server_name artifactory.service; | |
if ($http_x_forwarded_proto = '') { | |
set $http_x_forwarded_proto $scheme; | |
} | |
## Application specific logs | |
## access_log /var/log/nginx/artifactory.service-access.log timing; | |
## error_log /var/log/nginx/artifactory.service-error.log; | |
rewrite ^/$ /ui/ redirect; | |
rewrite ^/ui$ /ui/ redirect; | |
chunked_transfer_encoding on; | |
client_max_body_size 0; | |
location / { | |
proxy_read_timeout 2400s; | |
proxy_pass_header Server; | |
proxy_cookie_path ~*^/.* /; | |
proxy_pass http://artifactory:8082; | |
proxy_set_header X-JFrog-Override-Base-Url $http_x_forwarded_proto://$host:$server_port; | |
proxy_set_header X-Forwarded-Port $server_port; | |
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; | |
proxy_set_header Host $http_host; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
location ~ ^/artifactory/ { | |
proxy_pass http://artifactory:8081; | |
} | |
} | |
} | |
## server configuration | |
server { | |
listen 5000; | |
server_name artifactory.service; | |
if ($http_x_forwarded_proto = '') { | |
set $http_x_forwarded_proto $scheme; | |
} | |
## Application specific logs | |
## access_log /var/log/nginx/artifactory.service-access.log timing; | |
## error_log /var/log/nginx/artifactory.service-error.log; | |
rewrite ^/(v1|v2)/(.*) /artifactory/api/docker/docker-main/$1/$2; | |
chunked_transfer_encoding on; | |
client_max_body_size 0; | |
location / { | |
proxy_read_timeout 2400s; | |
proxy_pass_header Server; | |
proxy_cookie_path ~*^/.* /; | |
proxy_pass http://artifactory:8082; | |
proxy_set_header X-JFrog-Override-Base-Url $http_x_forwarded_proto://$host:$server_port; | |
proxy_set_header X-Forwarded-Port $server_port; | |
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; | |
proxy_set_header Host $http_host; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
location ~ ^/artifactory/ { | |
proxy_pass http://artifactory:8081; | |
} | |
} | |
} | |
## server configuration | |
server { | |
listen 4999; | |
server_name artifactory.service; | |
if ($http_x_forwarded_proto = '') { | |
set $http_x_forwarded_proto $scheme; | |
} | |
## Application specific logs | |
## access_log /var/log/nginx/artifactory.service-access.log timing; | |
## error_log /var/log/nginx/artifactory.service-error.log; | |
rewrite ^/(v1|v2)/(.*) /artifactory/api/docker/docker-local/$1/$2; | |
chunked_transfer_encoding on; | |
client_max_body_size 0; | |
location / { | |
proxy_read_timeout 2400s; | |
proxy_pass_header Server; | |
proxy_cookie_path ~*^/.* /; | |
proxy_pass http://artifactory:8082; | |
proxy_set_header X-JFrog-Override-Base-Url $http_x_forwarded_proto://$host:$server_port; | |
proxy_set_header X-Forwarded-Port $server_port; | |
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; | |
proxy_set_header Host $http_host; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
location ~ ^/artifactory/ { | |
proxy_pass http://artifactory:8081; | |
} | |
} | |
} | |
## Twistlock | |
server { | |
listen 80; | |
server_name twistlock.service; | |
if ($http_x_forwarded_proto = '') { | |
set $http_x_forwarded_proto $scheme; | |
} | |
location / { | |
gzip on; | |
client_max_body_size 50M; | |
proxy_set_header Connection ""; | |
proxy_set_header Host $http_host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; | |
proxy_set_header X-Frame-Options SAMEORIGIN; | |
proxy_buffers 256 16k; | |
proxy_buffer_size 16k; | |
proxy_read_timeout 600s; | |
proxy_pass http://twistlock-console:8081; | |
} | |
} | |
## prom | |
#server { | |
#listen 80; | |
# server_name prom.service; | |
# if ($http_x_forwarded_proto = '') { | |
# set $http_x_forwarded_proto $scheme; | |
#} | |
# location / { | |
# gzip on; | |
# client_max_body_size 50M; | |
# proxy_set_header Connection ""; | |
# proxy_set_header Host $http_host; | |
# proxy_set_header X-Real-IP $remote_addr; | |
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
# proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; | |
# proxy_set_header X-Frame-Options SAMEORIGIN; | |
# proxy_buffers 256 16k; | |
# proxy_buffer_size 16k; | |
# proxy_read_timeout 600s; | |
# proxy_pass http://prom:9090; | |
#} | |
#} | |
## NextCloud | |
# server { | |
# listen 80; | |
# server_name nextcloud.service; | |
# if ($http_x_forwarded_proto = '') { | |
# set $http_x_forwarded_proto $scheme; | |
#} | |
# location / { | |
# gzip on; | |
# client_max_body_size 50M; | |
# proxy_set_header Connection ""; | |
# proxy_set_header Host $http_host; | |
# proxy_set_header X-Real-IP $remote_addr; | |
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
# proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto; | |
# proxy_set_header X-Frame-Options SAMEORIGIN; | |
# proxy_buffers 256 16k; | |
# proxy_buffer_size 16k; | |
# proxy_read_timeout 600s; | |
# proxy_pass http://nextcloud:80; | |
#} | |
#} | |
server { | |
listen 80; | |
server_name keycloak.service; | |
server_tokens off; | |
root /dev/null; | |
location / { | |
proxy_pass http://keycloak:8080/; | |
proxy_set_header Host $host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Host $host; | |
proxy_set_header X-Forwarded-Server $host; | |
proxy_set_header X-Forwarded-Port $server_port; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
proxy_set_header X-Frame-Options SAMEORIGIN; | |
} | |
} | |
server { | |
listen 443 ssl; | |
server_name keycloak.service; | |
include snippets/self-signed.conf; | |
location / { | |
proxy_pass http://keycloak:8080/; | |
proxy_set_header Host $host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Host $host; | |
proxy_set_header X-Forwarded-Server $host; | |
proxy_set_header X-Forwarded-Port $server_port; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
proxy_set_header X-Frame-Options SAMEORIGIN; | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment