--- /dev/null
+# ============LICENSE_START========================================================================
+# O-RAN-SC : tr-069-adapter
+# =================================================================================================
+# Copyright (C) 2020 CommScope Inc Intellectual Property.
+# =================================================================================================
+# This tr-069-adapter software file is distributed by CommScope Inc under the Apache License,
+# Version 2.0 (the "License"); you may not use this file except in compliance with the License. You
+# may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+# either express or implied. See the License for the specific language governing permissions and
+# limitations under the License.
+# ===============LICENSE_END=======================================================================
+worker_processes auto;
+
+events { worker_connections 1024; }
+
+http {
+
+ sendfile on;
+ ssl_password_file /etc/nginx/ssl/tr069adapterCertPassPhrase;
+#
+# This Section is TR069Adapter for SSL Termination
+#
+ server {
+ listen 1111 tr069adapterComm;
+ server_name netconfServerIP;
+ ssl_certificate /etc/nginx/ssl/tr069adapterSSLCert;
+ ssl_certificate_key /etc/nginx/ssl/tr069adapterSSLKey;
+
+ ssl_client_certificate /etc/nginx/ssl/tr069adapterSSLClientTrustCRT;
+ ssl_verify_client on;
+
+ location /viewAll {
+ proxy_pass http://netconfServerIP:8089;
+ }
+
+ location /importFactory {
+ proxy_pass http://netconfServerIP:8089;
+ }
+
+ location /importConfig {
+ proxy_pass http://netconfServerIP:9000;
+ }
+
+ location /getConfig {
+ proxy_pass http://netconfServerIP:9000;
+ }
+
+ location /netConfServerManagerService/listServers {
+ proxy_pass http://netconfServerIP:8181;
+ }
+
+ location /CPEMgmt/acs {
+ proxy_pass http://netconfServerIP:9977;
+ proxy_redirect off;
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Forwarded-Host $server_name;
+ }
+ }
+
+#
+# This Section is for Fault VES Collector
+#
+ server {
+ listen 2222;
+ resolver faultvesCollectorDNSServer;
+ server_name netconfServerIP;
+
+ location / {
+ proxy_pass https://faultvesCollectorHost:faultvesCollectorPort$request_uri;
+ proxy_ssl_certificate /etc/nginx/ssl/faultvesCollectorSSLCert;
+ proxy_ssl_certificate_key /etc/nginx/ssl/faultvesCollectorSSLKey;
+ proxy_ssl_password_file /etc/nginx/ssl/tr069adapterCertPassPhrase;
+ proxy_ssl_session_reuse on;
+
+ proxy_ssl_trusted_certificate /etc/nginx/ssl/faultvesCollectorTrustCRT;
+ proxy_ssl_verify on;
+ proxy_ssl_verify_depth 2;
+
+ proxy_set_header Authorization "Basic faultvesCollectorBasicAuthUserPassEncrypt";
+ }
+ }
+
+#
+# This Section is for PNF Reg VES Collector
+#
+
+ server {
+ listen 3333;
+ resolver pnfregvesCollectorDNSServer;
+ server_name netconfServerIP;
+
+ location / {
+ proxy_pass https://pnfregvesCollectorHost:pnfregvesCollectorPort$request_uri;
+ proxy_ssl_certificate /etc/nginx/ssl/pnfregvesCollectorSSLCert;
+ proxy_ssl_certificate_key /etc/nginx/ssl/pnfregvesCollectorSSLKey;
+ proxy_ssl_password_file /etc/nginx/ssl/tr069adapterCertPassPhrase;
+ proxy_ssl_session_reuse on;
+
+ proxy_ssl_trusted_certificate /etc/nginx/ssl/pnfregvesCollectorTrustCRT;
+ proxy_ssl_verify on;
+ proxy_ssl_verify_depth 2;
+
+ proxy_set_header Authorization "Basic pnfregvesCollectorBasicAuthUserPassEncrypt";
+ }
+ }
+}