-user www-data;
+# ============LICENSE_START===============================================
+# Copyright (C) 2023 Nordix Foundation. All rights reserved.
+# ========================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=================================================
+#
+
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
+load_module /usr/lib/nginx/modules/ndk_http_module.so;
+load_module /usr/lib/nginx/modules/ngx_http_lua_module.so;
+
+env ALLOW_HTTP;
events {
worker_connections 768;
- # multi_accept on;
}
http {
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
- # server_tokens off;
-
- # server_names_hash_bucket_size 64;
- # server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
+
+
server { # simple reverse-proxy
+ set_by_lua $allow_http 'return os.getenv("ALLOW_HTTP")';
listen 8085;
listen [::]:8085;
+ server_name localhost;
+ if ($allow_http != true) {
+ return 444;
+ }
+
+ # serve dynamic requests
+ location / {
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_pass http://localhost:2222;
+ }
+ }
+
+ server { # simple reverse-proxy
listen 8185 ssl;
listen [::]:8185 ssl;
server_name localhost;
# serve dynamic requests
location / {
- proxy_pass http://localhost:2222;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_pass http://localhost:2222;
}
}
##
gzip on;
- # gzip_vary on;
- # gzip_proxied any;
- # gzip_comp_level 6;
- # gzip_buffers 16 8k;
- # gzip_http_version 1.1;
- # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
-
- ##
- # Virtual Host Configs
- ##
-
- include /etc/nginx/conf.d/*.conf;
- include /etc/nginx/sites-enabled/*;
}
-
-
-#mail {
-# # See sample authentication script at:
-# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
-#
-# # auth_http localhost/auth.php;
-# # pop3_capabilities "TOP" "USER";
-# # imap_capabilities "IMAP4rev1" "UIDPLUS";
-#
-# server {
-# listen localhost:110;
-# protocol pop3;
-# proxy on;
-# }
-#
-# server {
-# listen localhost:143;
-# protocol imap;
-# proxy on;
-# }
-#}
\ No newline at end of file
Code Review / sim / a1-interface.git / blobdiff