This repository has been archived by the owner on Oct 11, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 37
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Updating the submodules for master. * Removing release file, got added by mistake * Updating to correct dotnet submodule for Device simulation * Updating the submodule hash * Updating the nginx.conf path to help with local setup * Adding nginx.conf for local that disables https
- Loading branch information
Showing
1 changed file
with
136 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,136 @@ | ||
# Copyright (c) Microsoft. All rights reserved. | ||
|
||
# TODO: verify whether the resolver/DNS works (or has no impact) when running with Kubernetes | ||
# TODO: remove logs or move outside of the container | ||
|
||
daemon off; | ||
worker_processes 1; | ||
error_log /app/logs/error.log; | ||
pid /app/logs/nginx.pid; | ||
worker_rlimit_nofile 131072; | ||
|
||
events { | ||
worker_connections 1024; | ||
} | ||
|
||
http { | ||
# Required so that nginx can resolve IPs when working with Docker Compose | ||
resolver 127.0.0.11 ipv6=off; | ||
|
||
include /etc/nginx/mime.types; | ||
default_type text/plain; | ||
|
||
index index.html index.htm; | ||
|
||
log_format upstreaminfo '$remote_addr - ' | ||
'[$proxy_add_x_forwarded_for] - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" ' | ||
'$request_length $request_time $upstream_addr $upstream_response_length $upstream_response_time $upstream_status'; | ||
|
||
access_log /app/logs/access.log upstreaminfo; | ||
error_log /app/logs/error.log; | ||
|
||
server { | ||
listen 80; | ||
server_name reverseproxy 127.0.0.1; | ||
|
||
# Disable caching behavior for now | ||
# TODO: enable cache for static content later | ||
add_header Cache-Control "no-cache"; | ||
expires 0; | ||
|
||
# when serving any content, include a X-Content-Type-Options: nosniff | ||
# header along with the Content-Type: header, to disable content-type | ||
# sniffing on some browsers. | ||
add_header X-Content-Type-Options "nosniff" always; | ||
|
||
# Don't allow the browser to render the page inside a frame/iframe | ||
# and avoid clickjacking http://en.wikipedia.org/wiki/Clickjacking | ||
# If you need [i]frames, use SAMEORIGIN or set an uri with ALLOW-FROM uri | ||
# See https://developer.mozilla.org/en-US/docs/HTTP/X-Frame-Options | ||
add_header X-Frame-Options SAMEORIGIN always; | ||
|
||
set $webui_endpoint "http://webui:80"; | ||
set $auth_endpoint "http://auth:9001"; | ||
set $iothubmanager_endpoint "http://iothubmanager:9002"; | ||
set $devicesimulation_endpoint "http://devicesimulation:9003"; | ||
set $telemetry_endpoint "http://telemetry:9004"; | ||
set $config_endpoint "http://config:9005"; | ||
|
||
location / { | ||
proxy_pass $webui_endpoint; | ||
proxy_pass_header Authorization; | ||
# TODO ~devis: remove - https://github.com/Azure/azure-iot-pcs-remote-monitoring-dotnet/issues/11 | ||
# Public preview only: used to distinguish internal/external traffic | ||
proxy_set_header X-Source external; | ||
proxy_buffering off; | ||
client_max_body_size 0; | ||
proxy_read_timeout 3600s; | ||
proxy_redirect off; | ||
} | ||
|
||
location /auth/ { | ||
rewrite /auth/(.*) /$1 break; | ||
proxy_pass $auth_endpoint; | ||
proxy_pass_header Authorization; | ||
# TODO ~devis: remove - https://github.com/Azure/azure-iot-pcs-remote-monitoring-dotnet/issues/11 | ||
# Public preview only: used to distinguish internal/external traffic | ||
proxy_set_header X-Source external; | ||
proxy_buffering off; | ||
client_max_body_size 0; | ||
proxy_read_timeout 3600s; | ||
proxy_redirect off; | ||
} | ||
|
||
location /iothubmanager/ { | ||
rewrite /iothubmanager/(.*) /$1 break; | ||
proxy_pass $iothubmanager_endpoint; | ||
proxy_pass_header Authorization; | ||
# TODO ~devis: remove - https://github.com/Azure/azure-iot-pcs-remote-monitoring-dotnet/issues/11 | ||
# Public preview only: used to distinguish internal/external traffic | ||
proxy_set_header X-Source external; | ||
proxy_buffering off; | ||
client_max_body_size 0; | ||
proxy_read_timeout 3600s; | ||
proxy_redirect off; | ||
} | ||
|
||
location /devicesimulation/ { | ||
rewrite /devicesimulation/(.*) /$1 break; | ||
proxy_pass $devicesimulation_endpoint; | ||
proxy_pass_header Authorization; | ||
# TODO ~devis: remove - https://github.com/Azure/azure-iot-pcs-remote-monitoring-dotnet/issues/11 | ||
# Public preview only: used to distinguish internal/external traffic | ||
proxy_set_header X-Source external; | ||
proxy_buffering off; | ||
client_max_body_size 0; | ||
proxy_read_timeout 3600s; | ||
proxy_redirect off; | ||
} | ||
|
||
location /telemetry/ { | ||
rewrite /telemetry/(.*) /$1 break; | ||
proxy_pass $telemetry_endpoint; | ||
proxy_pass_header Authorization; | ||
# TODO ~devis: remove - https://github.com/Azure/azure-iot-pcs-remote-monitoring-dotnet/issues/11 | ||
# Public preview only: used to distinguish internal/external traffic | ||
proxy_set_header X-Source external; | ||
proxy_buffering off; | ||
client_max_body_size 0; | ||
proxy_read_timeout 3600s; | ||
proxy_redirect off; | ||
} | ||
|
||
location /config/ { | ||
rewrite /config/(.*) /$1 break; | ||
proxy_pass $config_endpoint; | ||
proxy_pass_header Authorization; | ||
# TODO ~devis: remove - https://github.com/Azure/azure-iot-pcs-remote-monitoring-dotnet/issues/11 | ||
# Public preview only: used to distinguish internal/external traffic | ||
proxy_set_header X-Source external; | ||
proxy_buffering off; | ||
client_max_body_size 0; | ||
proxy_read_timeout 3600s; | ||
proxy_redirect off; | ||
} | ||
} | ||
} |