79 lines
2.3 KiB
Nginx Configuration File
79 lines
2.3 KiB
Nginx Configuration File
upstream hydra_public_api {
|
|
server hydra:4444;
|
|
}
|
|
upstream hydra_admin_api {
|
|
server hydra:4445;
|
|
}
|
|
upstream frontend {
|
|
server front:3000;
|
|
}
|
|
|
|
upstream backend {
|
|
server back:8080;
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
server_name oauth2.logidex.ru;
|
|
location ~ ^/(admin|clients|keys|health|metrics|version|oauth2/auth/requests|oauth2/introspect|oauth2/flush)/? {
|
|
set $allow 0;
|
|
if ($remote_addr ~* "172.28.0.*") {
|
|
set $allow 1;
|
|
}
|
|
if ($arg_secret = "CHANGE-ME-INSECURE-PASSWORD") {
|
|
set $allow 1;
|
|
}
|
|
if ($http_x_secret = "CHANGE-ME-INSECURE-PASSWORD") {
|
|
set $allow 1;
|
|
}
|
|
if ($allow = 0) {
|
|
return 403;
|
|
}
|
|
|
|
proxy_pass http://hydra_admin_api;
|
|
proxy_redirect off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
|
|
}
|
|
|
|
location ~ ^/(.well-known|oauth2/auth|oauth2/token|oauth2/sessions|oauth2/revoke|oauth2/fallbacks/consent|oauth2/fallbacks/error|userinfo)/? {
|
|
proxy_pass http://hydra_public_api;
|
|
proxy_redirect off;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
server_name id.logidex.ru;
|
|
|
|
location /api/ {
|
|
proxy_pass http://backend/api/; # Replace with your backend API URL
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection 'upgrade';
|
|
proxy_set_header Host $host;
|
|
proxy_cache_bypass $http_upgrade;
|
|
}
|
|
|
|
location / {
|
|
proxy_pass http://frontend;
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
location /_next/webpack-hmr {
|
|
proxy_pass http://frontend;
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "upgrade";
|
|
proxy_set_header Host $host;
|
|
}
|
|
|
|
} |