Skip to content

Instantly share code, notes, and snippets.

@tghastings

tghastings/config

Created October 22, 2020 18:27
Show Gist options
  • Save tghastings/7f25b73b5fa3da79858c7a1221f0e9c8 to your computer and use it in GitHub Desktop.
Save tghastings/7f25b73b5fa3da79858c7a1221f0e9c8 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
config
[root@harper (/srv/docker/nginx/config)]# cat nginx.conf
worker_processes 5; ## Default: 1
error_log logs/error.log;
pid logs/nginx.pid;
worker_rlimit_nofile 8192;
events {
worker_connections 4096; ## Default: 1024
}
http {
index index.html index.htm index.php;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] $status '
'"$request" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
sendfile on;
tcp_nopush on;
server_names_hash_bucket_size 128; # this seems to be required for some vhosts
client_max_body_size 500m;
server { # gitlab
listen 80;
server_name gitlab.service;
access_log logs/gitlab.log main;
# pass requests
location / {
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_pass http://gitlab:80;
}
}
###########################################################
## this configuration was generated by JFrog Artifactory ##
###########################################################
## server configuration
# server {
#
# listen 80 ;
#
# server_name artifactory.service;
# if ($http_x_forwarded_proto = '') {
# set $http_x_forwarded_proto $scheme;
# }
## Application specific logs
## access_log /var/log/nginx/artifactory.jfrog.com-access.log timing;
## error_log /var/log/nginx/artifactory.jfrog.com-error.log;
# rewrite ^/$ /webapp/ redirect;
# rewrite ^/?(/webapp)?$ /webapp/ redirect;
# chunked_transfer_encoding on;
# client_max_body_size 0;
# location / {
# proxy_read_timeout 900;
# proxy_pass_header Server;
# proxy_cookie_path ~*^/.* /;
# if ( $request_uri ~ ^/(.*)$ ) {
# proxy_pass http://artifactory:8085/$1;
# }
# proxy_pass http://artifactory:8085/;
# proxy_set_header X-Artifactory-Override-Base-Url $http_x_forwarded_proto://$host:$server_port;
# proxy_set_header X-Forwarded-Port $server_port;
# proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
# proxy_set_header Host $http_host;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# }
# }
## server configuration
# server {
# listen 5000;
#
# server_name artifactory.service;
# if ($http_x_forwarded_proto = '') {
# set $http_x_forwarded_proto $scheme;
# }
## Application specific logs
## access_log /var/log/nginx/artifactory.in-access.log timing;
## error_log /var/log/nginx/artifactory.in-error.log;
# rewrite ^/(v1|v2)/(.*) /api/docker/docker-main/$1/$2;
# chunked_transfer_encoding on;
# client_max_body_size 0;
# location / {
# proxy_read_timeout 900;
# proxy_pass_header Server;
# proxy_cookie_path ~*^/.* /;
# proxy_pass http://artifactory:8083/artifactory/;
# proxy_set_header X-Artifactory-Override-Base-Url $http_x_forwarded_proto://$host:$server_port;
# proxy_set_header X-Forwarded-Port $server_port;
# proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
# proxy_set_header Host $http_host;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# }
# }
###########################################################
## this configuration was generated by JFrog Artifactory ##
###########################################################
## server configuration
server {
listen 80 ;
server_name artifactory.service;
if ($http_x_forwarded_proto = '') {
set $http_x_forwarded_proto $scheme;
}
## Application specific logs
## access_log /var/log/nginx/artifactory.service-access.log timing;
## error_log /var/log/nginx/artifactory.service-error.log;
rewrite ^/$ /ui/ redirect;
rewrite ^/ui$ /ui/ redirect;
chunked_transfer_encoding on;
client_max_body_size 0;
location / {
proxy_read_timeout 2400s;
proxy_pass_header Server;
proxy_cookie_path ~*^/.* /;
proxy_pass http://artifactory:8082;
proxy_set_header X-JFrog-Override-Base-Url $http_x_forwarded_proto://$host:$server_port;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
location ~ ^/artifactory/ {
proxy_pass http://artifactory:8081;
}
}
}
## server configuration
server {
listen 5000;
server_name artifactory.service;
if ($http_x_forwarded_proto = '') {
set $http_x_forwarded_proto $scheme;
}
## Application specific logs
## access_log /var/log/nginx/artifactory.service-access.log timing;
## error_log /var/log/nginx/artifactory.service-error.log;
rewrite ^/(v1|v2)/(.*) /artifactory/api/docker/docker-main/$1/$2;
chunked_transfer_encoding on;
client_max_body_size 0;
location / {
proxy_read_timeout 2400s;
proxy_pass_header Server;
proxy_cookie_path ~*^/.* /;
proxy_pass http://artifactory:8082;
proxy_set_header X-JFrog-Override-Base-Url $http_x_forwarded_proto://$host:$server_port;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
location ~ ^/artifactory/ {
proxy_pass http://artifactory:8081;
}
}
}
## server configuration
server {
listen 4999;
server_name artifactory.service;
if ($http_x_forwarded_proto = '') {
set $http_x_forwarded_proto $scheme;
}
## Application specific logs
## access_log /var/log/nginx/artifactory.service-access.log timing;
## error_log /var/log/nginx/artifactory.service-error.log;
rewrite ^/(v1|v2)/(.*) /artifactory/api/docker/docker-local/$1/$2;
chunked_transfer_encoding on;
client_max_body_size 0;
location / {
proxy_read_timeout 2400s;
proxy_pass_header Server;
proxy_cookie_path ~*^/.* /;
proxy_pass http://artifactory:8082;
proxy_set_header X-JFrog-Override-Base-Url $http_x_forwarded_proto://$host:$server_port;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
location ~ ^/artifactory/ {
proxy_pass http://artifactory:8081;
}
}
}
## Twistlock
server {
listen 80;
server_name twistlock.service;
if ($http_x_forwarded_proto = '') {
set $http_x_forwarded_proto $scheme;
}
location / {
gzip on;
client_max_body_size 50M;
proxy_set_header Connection "";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_buffers 256 16k;
proxy_buffer_size 16k;
proxy_read_timeout 600s;
proxy_pass http://twistlock-console:8081;
}
}
## prom
#server {
#listen 80;
# server_name prom.service;
# if ($http_x_forwarded_proto = '') {
# set $http_x_forwarded_proto $scheme;
#}
# location / {
# gzip on;
# client_max_body_size 50M;
# proxy_set_header Connection "";
# proxy_set_header Host $http_host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
# proxy_set_header X-Frame-Options SAMEORIGIN;
# proxy_buffers 256 16k;
# proxy_buffer_size 16k;
# proxy_read_timeout 600s;
# proxy_pass http://prom:9090;
#}
#}
## NextCloud
# server {
# listen 80;
# server_name nextcloud.service;
# if ($http_x_forwarded_proto = '') {
# set $http_x_forwarded_proto $scheme;
#}
# location / {
# gzip on;
# client_max_body_size 50M;
# proxy_set_header Connection "";
# proxy_set_header Host $http_host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
# proxy_set_header X-Frame-Options SAMEORIGIN;
# proxy_buffers 256 16k;
# proxy_buffer_size 16k;
# proxy_read_timeout 600s;
# proxy_pass http://nextcloud:80;
#}
#}
server {
listen 80;
server_name keycloak.service;
server_tokens off;
root /dev/null;
location / {
proxy_pass http://keycloak:8080/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
}
}
server {
listen 443 ssl;
server_name keycloak.service;
include snippets/self-signed.conf;
location / {
proxy_pass http://keycloak:8080/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment