forked from chainguard-dev/edu
-
Notifications
You must be signed in to change notification settings - Fork 0
/
nginx.conf
127 lines (111 loc) · 8.81 KB
/
nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
worker_processes 2;
events {
worker_connections 1024;
}
pid /tmp/nginx.pid;
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
gzip on;
# add URLs after the `default` line that are moved and aren't redirecting via Hugo aliases
map $request_uri $redirect_url {
default "";
# individual URL redirects here
"~^/chainguard/chainguard-enforce/chainctl-docs/how-to-install-chainctl(.+)?$" /chainguard/chainguard-enforce/how-to-install-chainctl$1;
"~^/chainguard/chainguard-enforce/chainguard-enforce-kubernetes/chaingaurd-enforce-discovery-onboarding(.+)?$" /chainguard/chainguard-enforce/chainguard-enforce-discovery-onboarding$1;
"~^/chainguard/chainguard-enforce/chainguard-enforce-kubernetes/chaingaurd-enforce-user-onboarding(.+)?$" /chainguard/chainguard-enforce/chainguard-enforce-user-onboarding$1;
"~^/chainguard/chainguard-enforce/chainctl-docs(.+)?$" /chainguard/chainctl$1;
"~^/chainguard/chainguard-enforce/chainguard-enforce-kubernetes/chainguard-enforce-events(.+)?$" /chainguard/chainguard-enforce/reference/events$1;
"~^/chainguard/chainguard-enforce/chainguard-enforce-events(.+)?$" /chainguard/chainguard-enforce/reference/events$1;
"~^/chainguard/chainguard-enforce/chainguard-enforce-kubernetes/changelog(.+)?$" /chainguard/chainguard-enforce/changelog$1;
"~^/chainguard/chainguard-enforce/chainguard-enforce-kubernetes/how-to-disable-policy-enforcement(.+)?$" /chainguard/chainguard-enforce/policies/how-to-disable-policy-enforcement$1;
"~^/open-source/apko/apk-package-manager(.+)?$" /open-source/wolfi/apk-package-manager$1;
"~^/chainguard/chainctl/chainctl-docs/(index.html|index.xml)?$" /chainguard/chainctl/;
"~^/chainguard/chainguard-enforce/chainguard-enforce-kubernetes/(index.html|index.xml)?$" /chainguard/chainguard-enforce/enforce-overview/;
"~^/chainguard/chainguard-enforce/chainguard-enforce-kubernetes/chainguard-enforce-policy-examples(.+)?$" /chainguard/chainguard-enforce/policies/chainguard-enforce-policy-examples$1;
"~^/open-source/melange/getting-started-with-melange(.+)?$" /open-source/melange/tutorials/getting-started-with-melange/;
"~^/chainguard/chainguard-enforce/sboms/sboms-and-attestations/(.+)?$" /open-source/sbom/sboms-and-attestations/;
"~^/chainguard/chainguard-images/images-compared/(.+)?$" /chainguard/chainguard-images/vuln-comparison/;
"~^/software-security/secure-software-development/considerations-for-image-updates/(.+)?$" /chainguard/chainguard-images/considerations-for-image-updates/;
"~^/chainguard/chainguard-enforce/iam-groups/assumable-ids/(.+)?$" /chainguard/chainguard-enforce/authentication/assumable-ids/;
"~^/chainguard/chainguard-enforce/authentication/custom-idps/(.+)?$" /chainguard/administration/custom-idps/custom-idps/;
"~^/chainguard/network-requirements/(.+)?$" /chainguard/administration/network-requirements/;
"~^/chainguard/chainguard-enforce/reference/events/(.+)?$" /chainguard/administration/cloudevents/events-reference/;
"~^/chainguard/chainguard-enforce/administration/connecting-to-private-registries/(.+)?$" /chainguard/chainguard-enforce/authentication/connecting-to-private-registries/;
"~^/chainguard/chainguard-enforce/administration/annotation-based-caching/(.+)?$" /chainguard/chainguard-enforce/annotation-based-caching/;
"~^/chainguard/chainguard-images/comparing-images/using-the-image-diff-api/(.+)?$" /chainguard/chainguard-images/comparing-images/;
"~^/chainguard/administration/cloudevents/create-github-issues/(.+)?$" /chainguard/administration/cloudevents/;
"~^/chainguard/administration/cloudevents/create-jira-issues/(.+)?$" /chainguard/administration/cloudevents/;
"~^/chainguard/administration/cloudevents/create-slack-alerts/(.+)?$" /chainguard/administration/cloudevents/;
# complete content directory redirects here
"~^/chainguard/chainguard-enforce/events/(.+)$" /chainguard/chainguard-enforce/cloudevents/$1;
"~^/chainguard/chainguard-images/network-requirements/(.+)?$" /chainguard/network-requirements/;
"~^/chainguard/chainguard-images/registry/(.+)?$" /chainguard/chainguard-registry/;
"~^/chainguard/chainguard-enforce/iam-groups/(.+)?$" /chainguard/administration/iam-groups/$1;
"~^/chainguard/chainguard-enforce/authentication/example-idps/(.+)?$" /chainguard/administration/custom-idps/$1;
"~^/chainguard/chainguard-enforce/cloudevents/(.+)?$" /chainguard/administration/cloudevents/$1;
"~^/chainguard/chainguard-enforce/iam-groups/identity-examples/(.+)?$" /chainguard/chainguard-enforce/authentication/$1;
"~^/chainguard/chainguard-enforce/authentication/identity-examples/(.+)?$" /chainguard/administration/iam-groups/identity-examples/;
"~^/chainguard/chainguard-images/vulnerability-comparisons/(.+)?$" /chainguard/chainguard-images/comparing-images/vulnerability-comparisons;
"~^/chainguard/administration/iam-groups/(.+)?$" /chainguard/administration/iam-organizations/$1;
"~^/chainguard/migration-guides/(.+)?$" /chainguard/migration/$1;
# enforce docs turndown
"~^/chainguard/chainguard-enforce/(.+)?$" /;
# getting-started docs redirects
"~^/chainguard/chainguard-images/reference/go/getting-started-go/(.+)?$" /chainguard/chainguard-images/getting-started/getting-started-go/;
"~^/chainguard/chainguard-images/reference/mariadb/getting-started-mariadb/(.+)?$" /chainguard/chainguard-images/getting-started/getting-started-mariadb/;
"~^/chainguard/chainguard-images/reference/node/getting-started-node/(.+)?$" /chainguard/chainguard-images/getting-started/getting-started-node/;
"~^/chainguard/chainguard-images/reference/php/getting-started-php/(.+)?$" /chainguard/chainguard-images/getting-started/getting-started-php/;
"~^/chainguard/chainguard-images/reference/postgres/getting-started-postgres/(.+)?$" /chainguard/chainguard-images/getting-started/getting-started-postgres/;
"~^/chainguard/chainguard-images/reference/python/getting-started-python/(.+)?$" /chainguard/chainguard-images/getting-started/getting-started-python/;
"~^/chainguard/chainguard-images/reference/ruby/getting-started-ruby/(.+)?$" /chainguard/chainguard-images/getting-started/getting-started-ruby/;
# reference docs redirects - images
"~^/chainguard/chainguard-images/reference/(.+)/image_specs/?$" https://images.chainguard.dev/directory/image/$1/specifications;
"~^/chainguard/chainguard-images/reference/(.+)/tags_history/?$" https://images.chainguard.dev/directory/image/$1/versions;
"~^/chainguard/chainguard-images/reference/(.+)/provenance_info/?$" https://images.chainguard.dev/directory/image/$1/provenance;
"~^/chainguard/chainguard-images/reference/(.+)/overview/?$" https://images.chainguard.dev/directory/image/$1/overview;
"~^/chainguard/chainguard-images/reference/(.+)/$" https://images.chainguard.dev/directory/image/$1/overview;
"~^/chainguard/chainguard-images/reference/(.+)$" https://images.chainguard.dev/directory/image/$1/overview;
"~^/chainguard/chainguard-images/reference/?$" https://images.chainguard.dev/directory;
}
server {
listen 8080;
server_name localhost;
root /usr/share/nginx/html/;
# process $request_uri -> $redirect_url if url is absolute
if ($redirect_url ~ ^https://) {
rewrite ^(.*)$ $redirect_url permanent;
}
# process $request_uri -> $redirect_url, preserving https, and ensure URLs don't have any ports in them
if ($redirect_url != "") {
rewrite ^(.*)$ $scheme://$http_host$redirect_url permanent;
}
location / {
index index.html index.htm;
try_files $uri $uri/index.html =404;
}
# serve the vuln-comparison page for /vulnerabilities page without a vuln id
# captures /vulnerabilities /vulnerabilities/ and /vulnerabilities/index.html
location ~ ^/vulnerabilities(\/|\/index.html)?$ {
rewrite ^ /chainguard/chainguard-images/vuln-comparison/index.html;
}
# all vulnerabilities with an ID get rendered by this page using javascript
location ~ ^/vulnerabilities/ {
rewrite ^ /vulnerabilities/index.html break;
}
location ~* /(\index.html)?$ {
add_header Cache-Control "public, max-age=300, stale-while-revalidate=300";
}
# use hugo's built in 404 page for now
error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
error_log stderr notice;