# ============LICENSE_START======================================================================== # O-RAN-SC : tr-069-adapter # ================================================================================================= # Copyright (C) 2020 CommScope Inc Intellectual Property. # ================================================================================================= # This tr-069-adapter software file is distributed by CommScope Inc under the Apache License, # Version 2.0 (the "License"); you may not use this file except in compliance with the License. You # may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, # either express or implied. See the License for the specific language governing permissions and # limitations under the License. # ===============LICENSE_END======================================================================= worker_processes auto; events { worker_connections 1024; } http { sendfile on; ssl_password_file /etc/nginx/ssl/tr069adapterCertPassPhrase; # # This Section is TR069Adapter for SSL Termination # server { listen 1111 tr069adapterComm; server_name netconfServerIP; ssl_certificate /etc/nginx/ssl/tr069adapterSSLCert; ssl_certificate_key /etc/nginx/ssl/tr069adapterSSLKey; ssl_client_certificate /etc/nginx/ssl/tr069adapterSSLClientTrustCRT; ssl_verify_client on; location /viewAll { proxy_pass http://netconfServerIP:8089; } location /importFactory { proxy_pass http://netconfServerIP:8089; } location /importConfig { proxy_pass http://netconfServerIP:9000; } location /getConfig { proxy_pass http://netconfServerIP:9000; } location /netConfServerManagerService/listServers { proxy_pass http://netconfServerIP:8181; } location /CPEMgmt/acs { proxy_pass http://netconfServerIP:9977; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $server_name; } } # # This Section is for Fault VES Collector # server { listen 2222; resolver faultvesCollectorDNSServer; server_name netconfServerIP; location / { proxy_pass https://faultvesCollectorHost:faultvesCollectorPort$request_uri; proxy_ssl_certificate /etc/nginx/ssl/faultvesCollectorSSLCert; proxy_ssl_certificate_key /etc/nginx/ssl/faultvesCollectorSSLKey; proxy_ssl_password_file /etc/nginx/ssl/tr069adapterCertPassPhrase; proxy_ssl_session_reuse on; proxy_ssl_trusted_certificate /etc/nginx/ssl/faultvesCollectorTrustCRT; proxy_ssl_verify on; proxy_ssl_verify_depth 2; proxy_set_header Authorization "Basic faultvesCollectorBasicAuthUserPassEncrypt"; } } # # This Section is for PNF Reg VES Collector # server { listen 3333; resolver pnfregvesCollectorDNSServer; server_name netconfServerIP; location / { proxy_pass https://pnfregvesCollectorHost:pnfregvesCollectorPort$request_uri; proxy_ssl_certificate /etc/nginx/ssl/pnfregvesCollectorSSLCert; proxy_ssl_certificate_key /etc/nginx/ssl/pnfregvesCollectorSSLKey; proxy_ssl_password_file /etc/nginx/ssl/tr069adapterCertPassPhrase; proxy_ssl_session_reuse on; proxy_ssl_trusted_certificate /etc/nginx/ssl/pnfregvesCollectorTrustCRT; proxy_ssl_verify on; proxy_ssl_verify_depth 2; proxy_set_header Authorization "Basic pnfregvesCollectorBasicAuthUserPassEncrypt"; } } }