| Michal Ptacek | 8d6f28f | 2018-12-19 12:13:50 +0000 | [diff] [blame^] | 1 | worker_processes 2; |
| 2 | |
| 3 | events { |
| 4 | worker_connections 1024; |
| 5 | } |
| 6 | |
| 7 | http { |
| 8 | error_log /var/log/nginx/error.log debug; |
| 9 | access_log /var/log/nginx/access.log; |
| 10 | |
| 11 | proxy_intercept_errors on; |
| 12 | proxy_send_timeout 120; |
| 13 | proxy_read_timeout 300; |
| 14 | |
| 15 | upstream nexus { |
| 16 | server nexus:8081; |
| 17 | } |
| 18 | |
| 19 | upstream registry { |
| 20 | server nexus:8082; |
| 21 | } |
| 22 | |
| 23 | # http simulations |
| 24 | server { |
| 25 | listen 80; |
| 26 | listen 443 ssl; |
| 27 | server_name _; |
| 28 | ssl_certificate /etc/nginx/certs/nexus_server.crt; |
| 29 | ssl_certificate_key /etc/nginx/certs/nexus_server.key; |
| 30 | |
| 31 | keepalive_timeout 5 5; |
| 32 | |
| 33 | location / { |
| 34 | root /srv/http/$host; |
| 35 | index index.html; |
| 36 | } |
| 37 | } |
| 38 | |
| 39 | # nexus simulations |
| 40 | server { |
| 41 | listen 80; |
| 42 | listen 443 ssl; |
| 43 | server_name {% for host in simulated_hosts.nexus -%} |
| 44 | {{ host + " " }} |
| 45 | {%- endfor %}; |
| 46 | ssl_certificate /etc/nginx/certs/nexus_server.crt; |
| 47 | ssl_certificate_key /etc/nginx/certs/nexus_server.key; |
| 48 | |
| 49 | keepalive_timeout 5 5; |
| 50 | proxy_buffering off; |
| 51 | |
| 52 | # allow large uploads |
| 53 | client_max_body_size 3G; |
| 54 | |
| 55 | location / { |
| 56 | # redirect to docker registry |
| 57 | if ($http_user_agent ~ docker ) { |
| 58 | proxy_pass http://registry; |
| 59 | } |
| 60 | proxy_pass http://nexus; |
| 61 | proxy_set_header Host $host; |
| 62 | proxy_set_header X-Real-IP $remote_addr; |
| 63 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; |
| 64 | } |
| 65 | } |
| 66 | |
| 67 | # git simulations |
| 68 | server { |
| 69 | listen 80; |
| 70 | listen 443 ssl; |
| 71 | server_name {% for host in simulated_hosts.git -%} |
| 72 | {{ host + " " }} |
| 73 | {%- endfor %}; |
| 74 | ssl_certificate /etc/nginx/certs/nexus_server.crt; |
| 75 | ssl_certificate_key /etc/nginx/certs/nexus_server.key; |
| 76 | |
| 77 | keepalive_timeout 5 5; |
| 78 | proxy_buffering off; |
| 79 | |
| 80 | location / { |
| 81 | try_files $uri $uri/ @git; |
| 82 | } |
| 83 | |
| 84 | location @git { |
| 85 | |
| 86 | # Set chunks to unlimited, as the body's can be huge |
| 87 | client_max_body_size 0; |
| 88 | |
| 89 | fastcgi_param SCRIPT_FILENAME /usr/libexec/git-core/git-http-backend; |
| 90 | fastcgi_param QUERY_STRING $args; |
| 91 | fastcgi_param HTTP_HOST $server_name; |
| 92 | fastcgi_param PATH_INFO $uri; |
| 93 | |
| 94 | include fastcgi_params; |
| 95 | |
| 96 | fastcgi_param GIT_HTTP_EXPORT_ALL ""; |
| 97 | fastcgi_param GIT_PROJECT_ROOT /srv/git/$host/; |
| 98 | |
| 99 | # Forward REMOTE_USER as we want to know when we are authenticated |
| 100 | fastcgi_param REMOTE_USER $remote_user; |
| 101 | |
| 102 | fastcgi_pass unix:/var/run/fcgiwrap.socket; |
| 103 | } |
| 104 | } |
| 105 | } |