-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: nginx adventures #4 - fixed ssl error
- Loading branch information
1 parent
222a880
commit 14dbab6
Showing
12 changed files
with
210 additions
and
17 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 changes: 1 addition & 1 deletion
2
...oservices/api-gateway/proxy_settings.conf → ...gateway-docker/location_proxy_shared.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| copy: | ||
| sudo cp nginx.conf /etc/nginx/nginx.conf | ||
| sudo cp location_proxy_shared.conf /etc/nginx/conf.d/location_proxy_shared.conf | ||
| sudo cp service_config/auth_service_routes.conf /etc/nginx/conf.d/auth_service.conf | ||
| sudo cp service_config/recommendation_service_routes.conf /etc/nginx/conf.d/recommendation_service.conf | ||
| sudo cp service_config/user_service_routes.conf /etc/nginx/conf.d/user_service.conf | ||
| sudo nginx -t | ||
| sudo systemctl reload nginx | ||
|
|
||
| update: | ||
| sudo cp proxy.conf /etc/nginx/sites-available/proxy.conf | ||
| sudo cp nginx.conf /etc/nginx/nginx.conf | ||
| sudo nginx -t | ||
| sudo systemctl reload nginx | ||
|
|
||
| reload: | ||
| sudo systemctl reload nginx | ||
|
|
||
| check: | ||
| sudo nginx -t | ||
|
|
||
| view-error-logs: | ||
| sudo tail -f /var/log/nginx/error.log | ||
|
|
||
| view-access-logs: | ||
| sudo tail -f /var/log/nginx/access.log |
5 changes: 5 additions & 0 deletions
5
ovatify-backend/microservices/api-gateway/vm/location_proxy_shared.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| # location_proxy_shared.conf | ||
| proxy_pass_request_headers on; | ||
| proxy_set_header X-Real-IP $remote_addr; | ||
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
| proxy_set_header X-Forwarded-Proto $scheme; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,75 @@ | ||
| user www-data; | ||
| worker_processes auto; | ||
| pid /run/nginx.pid; | ||
| include /etc/nginx/modules-enabled/*.conf; | ||
|
|
||
| # nginx.conf | ||
| events { | ||
| worker_connections 1024; | ||
| } | ||
|
|
||
| http { | ||
|
|
||
| ## | ||
| # Basic Settings | ||
| ## | ||
|
|
||
| sendfile on; | ||
| tcp_nopush on; | ||
| types_hash_max_size 2048; | ||
| # server_tokens off; | ||
|
|
||
| # server_names_hash_bucket_size 64; | ||
| # server_name_in_redirect off; | ||
|
|
||
| include /etc/nginx/mime.types; | ||
| default_type application/octet-stream; | ||
|
|
||
| ## | ||
| # SSL Settings | ||
| ## | ||
|
|
||
| ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE | ||
| ssl_prefer_server_ciphers on; | ||
|
|
||
| ## | ||
| # Logging Settings | ||
| ## | ||
|
|
||
| access_log /var/log/nginx/access.log; | ||
| error_log /var/log/nginx/error.log; | ||
|
|
||
| ## | ||
| # Gzip Settings | ||
| ## | ||
|
|
||
| gzip on; | ||
|
|
||
| # Upstream | ||
|
|
||
| upstream auth_service { | ||
| server ovtf-auth-srv-clpiqqqcgq-ew.a.run.app:443; | ||
| } | ||
|
|
||
| upstream recommendation_service { | ||
| server recommendation-service-clpiqqqcgq-ew.a.run.app:443; | ||
| } | ||
|
|
||
| upstream user_service { | ||
| server user-service-clpiqqqcgq-ew.a.run.app:443; | ||
| } | ||
|
|
||
| # Reverse proxy server | ||
|
|
||
| server { | ||
| listen 80; | ||
|
|
||
| set $auth_service_host ovtf-auth-srv-clpiqqqcgq-ew.a.run.app; | ||
| set $recommendation_service_host recommendation-service-clpiqqqcgq-ew.a.run.app; | ||
| set $user_service_host user-service-clpiqqqcgq-ew.a.run.app; | ||
|
|
||
| include /etc/nginx/conf.d/auth_service.conf; | ||
| include /etc/nginx/conf.d/recommendation_service.conf; | ||
| include /etc/nginx/conf.d/user_service.conf; | ||
| } | ||
| } |
12 changes: 12 additions & 0 deletions
12
ovatify-backend/microservices/api-gateway/vm/service_config/auth_service_routes.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| # auth_service_routes.conf | ||
| location /users/create-user/ { | ||
| proxy_pass https://auth_service; | ||
| proxy_set_header Host $auth_service_host; | ||
| include /etc/nginx/conf.d/location_proxy_shared.conf; | ||
| } | ||
|
|
||
| location /users/login/ { | ||
| proxy_pass https://auth_service; | ||
| proxy_set_header Host $auth_service_host; | ||
| include /etc/nginx/conf.d/location_proxy_shared.conf; | ||
| } |
24 changes: 24 additions & 0 deletions
24
...fy-backend/microservices/api-gateway/vm/service_config/recommendation_service_routes.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| # recommendation_service_routes.conf | ||
| location /users/recommend-you-might-like/ { | ||
| proxy_pass https://recommendation_service; | ||
| proxy_set_header Host $recommendation_service_host; | ||
| include /etc/nginx/conf.d/location_proxy_shared.conf; | ||
| } | ||
|
|
||
| location /users/recommend-since-you-like/ { | ||
| proxy_pass https://recommendation_service; | ||
| proxy_set_header Host $recommendation_service_host; | ||
| include /etc/nginx/conf.d/location_proxy_shared.conf; | ||
| } | ||
|
|
||
| location /users/recommend-friend-mix/ { | ||
| proxy_pass https://recommendation_service; | ||
| proxy_set_header Host $recommendation_service_host; | ||
| include /etc/nginx/conf.d/location_proxy_shared.conf; | ||
| } | ||
|
|
||
| location /users/recommend-friend-listen/ { | ||
| proxy_pass https://recommendation_service; | ||
| proxy_set_header Host $recommendation_service_host; | ||
| include /etc/nginx/conf.d/location_proxy_shared.conf; | ||
| } |
18 changes: 18 additions & 0 deletions
18
ovatify-backend/microservices/api-gateway/vm/service_config/user_service_routes.conf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| # user_service_routes.conf | ||
| location /users/get-user-profile/ { | ||
| proxy_pass https://user_service; | ||
| proxy_set_header Host $user_service_host; | ||
| include /etc/nginx/conf.d/location_proxy_shared.conf; | ||
| } | ||
|
|
||
| location /users/edit-user-preferences/ { | ||
| proxy_pass https://user_service; | ||
| proxy_set_header Host $user_service_host; | ||
| include /etc/nginx/conf.d/location_proxy_shared.conf; | ||
| } | ||
|
|
||
| location /users/delete-user/ { | ||
| proxy_pass https://user_service; | ||
| proxy_set_header Host $user_service_host; | ||
| include /etc/nginx/conf.d/location_proxy_shared.conf; | ||
| } |