-
Notifications
You must be signed in to change notification settings - Fork 6
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #55 from ciatph/dev
v1.1.1
- Loading branch information
Showing
19 changed files
with
273 additions
and
50 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,103 @@ | ||
# Full nginx configuration with SSL certificate for nginx running on host machine | ||
# Requires a registered domain name, letsencrypt SSL certificates | ||
# and local client/server apps (running in containers or manually installed on host) | ||
|
||
server { | ||
listen 80; | ||
listen [::]:80; | ||
server_name www.<YOUR.DOMAIN.COM.HERE>; | ||
return 301 https://<YOUR.DOMAIN.COM.HERE>$request_uri; | ||
} | ||
|
||
server { | ||
listen 80; | ||
listen [::]:80; | ||
server_name <YOUR.DOMAIN.COM.HERE>; | ||
return 301 https://<YOUR.DOMAIN.COM.HERE>$request_uri; | ||
} | ||
|
||
server { | ||
listen 443 ssl; | ||
server_name www.<YOUR.DOMAIN.COM.HERE>; | ||
ssl_certificate /etc/letsencrypt/live/<YOUR.DOMAIN.COM.HERE>/fullchain.pem; | ||
ssl_certificate_key /etc/letsencrypt/live/<YOUR.DOMAIN.COM.HERE>/privkey.pem; | ||
return 301 https://<YOUR.DOMAIN.COM.HERE>$request_uri; | ||
} | ||
|
||
server { | ||
listen 443 ssl http2; | ||
listen [::]:443 ssl http2; | ||
|
||
server_name <YOUR.DOMAIN.COM.HERE>; | ||
server_tokens off; | ||
|
||
# Available methods | ||
add_header Allow 'GET, POST, PATCH, DELETE, HEAD' always; | ||
add_header X-XSS-Protection '1; mode=block'; | ||
|
||
if ( $request_method !~ ^(GET|POST|PATCH|DELETE|HEAD)$ ) { | ||
return 405; | ||
} | ||
|
||
ssl_certificate /etc/letsencrypt/live/<YOUR.DOMAIN.COM.HERE>/fullchain.pem; | ||
ssl_certificate_key /etc/letsencrypt/live/<YOUR.DOMAIN.COM.HERE>/privkey.pem; | ||
|
||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | ||
ssl_prefer_server_ciphers on; | ||
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; | ||
ssl_dhparam '/etc/pki/nginx/dhparams.pem'; | ||
|
||
add_header Strict-Transport-Security 'max-age=63072000; includeSubDomains' always; | ||
|
||
# gzip comppression settings | ||
gzip on; | ||
gzip_disable 'msie6'; | ||
|
||
gzip_vary on; | ||
gzip_proxied any; | ||
gzip_comp_level 6; | ||
gzip_buffers 16 8k; | ||
gzip_http_version 1.1; | ||
gzip_min_length 0; | ||
gzip_types text/plain application/javascript text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype; | ||
|
||
# Reverse proxy to the client website | ||
# Requires the client service running on http://localhost:3000 (from a container or manually installed on host) | ||
location / { | ||
proxy_pass http://localhost:3000; | ||
proxy_set_header Host $host; | ||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
proxy_set_header X-Forwarded-Proto $scheme; | ||
proxy_set_header X-Real-IP $remote_addr; | ||
proxy_cache_bypass $http_upgrade; | ||
|
||
# For websockets | ||
proxy_http_version 1.1; | ||
proxy_set_header Connection 'upgrade'; | ||
proxy_set_header Upgrade $http_upgrade; | ||
proxy_read_timeout 600s; | ||
} | ||
|
||
# Reverse proxy to the backend API server | ||
# Requires the backend service running on http://localhost:3001 (from a container or manually installed on host) | ||
location /api { | ||
proxy_pass http://localhost:3001; | ||
proxy_set_header Host $host; | ||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
proxy_set_header X-Forwarded-Proto $scheme; | ||
proxy_set_header X-Real-IP $remote_addr; | ||
proxy_cache_bypass $http_upgrade; | ||
|
||
# For websockets | ||
proxy_http_version 1.1; | ||
proxy_set_header Connection 'upgrade'; | ||
proxy_set_header Upgrade $http_upgrade; | ||
proxy_read_timeout 600s; | ||
} | ||
|
||
# Other error pages | ||
error_page 500 502 503 504 /50x.html; | ||
location = /50x.html { | ||
root /usr/share/nginx/html; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
function NotFound () { | ||
return ( | ||
<h2>Page not found</h2> | ||
) | ||
} | ||
|
||
export default NotFound |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.