Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / offline-installer / b1fe78553ea7d1caf90c1d52e195cd8f2a082008 / . / ansible / roles / nginx / templates / nginx.conf.j2
blob: 9860a168cce876280917f41d645acf360b7de642 [file] [log] [blame]
Michal Ptacek8d6f28f2018-12-19 12:13:50 +0000[diff] [blame]1worker_processes 2;
2
3events {
4 worker_connections 1024;
5}
6
7http {
eronkeoaae996e2019-03-28 12:03:26 +0000[diff] [blame]8 server_names_hash_bucket_size 64;
Michal Ptacek8d6f28f2018-12-19 12:13:50 +0000[diff] [blame]9 error_log /var/log/nginx/error.log debug;
10 access_log /var/log/nginx/access.log;
11
12 proxy_intercept_errors on;
13 proxy_send_timeout 120;
14 proxy_read_timeout 300;
15
Michal Ptacek8d6f28f2018-12-19 12:13:50 +0000[diff] [blame]16# http simulations
17 server {
18 listen 80;
19 listen 443 ssl;
20 server_name _;
21 ssl_certificate /etc/nginx/certs/nexus_server.crt;
22 ssl_certificate_key /etc/nginx/certs/nexus_server.key;
23
24 keepalive_timeout 5 5;
25
26 location / {
27 root /srv/http/$host;
28 index index.html;
29 }
30 }
31
32# nexus simulations
33 server {
Samuli Silviusf6f5fc42019-02-13 11:00:39 +0200[diff] [blame]34 resolver 127.0.0.11 valid=30s;
Michal Ptacek8d6f28f2018-12-19 12:13:50 +0000[diff] [blame]35 listen 80;
36 listen 443 ssl;
37 server_name {% for host in simulated_hosts.nexus -%}
38 {{ host + " " }}
39 {%- endfor %};
40 ssl_certificate /etc/nginx/certs/nexus_server.crt;
41 ssl_certificate_key /etc/nginx/certs/nexus_server.key;
42
43 keepalive_timeout 5 5;
44 proxy_buffering off;
45
46 # allow large uploads
47 client_max_body_size 3G;
48
49 location / {
Samuli Silviusf6f5fc42019-02-13 11:00:39 +0200[diff] [blame]50 set $upstream_nexus nexus:8081;
51 set $upstream_registry nexus:8082;
Michal Ptacek8d6f28f2018-12-19 12:13:50 +0000[diff] [blame]52 # redirect to docker registry
53 if ($http_user_agent ~ docker ) {
Samuli Silviusf6f5fc42019-02-13 11:00:39 +0200[diff] [blame]54 proxy_pass http://$upstream_registry;
Michal Ptacek8d6f28f2018-12-19 12:13:50 +0000[diff] [blame]55 }
Samuli Silviusf6f5fc42019-02-13 11:00:39 +0200[diff] [blame]56 proxy_pass http://$upstream_nexus;
Michal Ptacek8d6f28f2018-12-19 12:13:50 +0000[diff] [blame]57 proxy_set_header Host $host;
58 proxy_set_header X-Real-IP $remote_addr;
59 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
60 }
61 }
62
63# git simulations
64 server {
65 listen 80;
66 listen 443 ssl;
67 server_name {% for host in simulated_hosts.git -%}
68 {{ host + " " }}
69 {%- endfor %};
70 ssl_certificate /etc/nginx/certs/nexus_server.crt;
71 ssl_certificate_key /etc/nginx/certs/nexus_server.key;
72
73 keepalive_timeout 5 5;
74 proxy_buffering off;
75
76 location / {
77 try_files $uri $uri/ @git;
78 }
79
80 location @git {
81
82 # Set chunks to unlimited, as the body's can be huge
83 client_max_body_size 0;
84
85 fastcgi_param SCRIPT_FILENAME /usr/libexec/git-core/git-http-backend;
86 fastcgi_param QUERY_STRING $args;
87 fastcgi_param HTTP_HOST $server_name;
88 fastcgi_param PATH_INFO $uri;
89
90 include fastcgi_params;
91
92 fastcgi_param GIT_HTTP_EXPORT_ALL "";
93 fastcgi_param GIT_PROJECT_ROOT /srv/git/$host/;
94
95 # Forward REMOTE_USER as we want to know when we are authenticated
96 fastcgi_param REMOTE_USER $remote_user;
97
98 fastcgi_pass unix:/var/run/fcgiwrap.socket;
99 }
100 }
101}