Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

NOISSUE - Update nginx configuration #49

Merged
merged 1 commit into from
Jan 21, 2025
Merged

NOISSUE - Update nginx configuration #49

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
96 changes: 21 additions & 75 deletions docker/nginx/nginx-key.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,134 +57,80 @@ http {
add_header Access-Control-Allow-Methods '*';
add_header Access-Control-Allow-Headers '*';

location ~ ^/(channels)/(.+)/(things)/(.+) {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
proxy_pass http://things:${MG_THINGS_HTTP_PORT};
}
# Proxy pass to users & groups id to things service for listing of channels
# /users/{userID}/channels - Listing of channels belongs to userID
# /groups/{userGroupID}/channels - Listing of channels belongs to userGroupID
location ~ ^/(users|groups)/(.+)/(channels|things) {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
if ($request_method = GET) {
proxy_pass http://things:${MG_THINGS_HTTP_PORT};
break;
}
proxy_pass http://users:${MG_USERS_HTTP_PORT};
}

# Proxy pass to channel id to users service for listing of channels
# /channels/{channelID}/users - Listing of Users belongs to channelID
# /channels/{channelID}/groups - Listing of User Groups belongs to channelID
location ~ ^/(channels|things)/(.+)/(users|groups) {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
if ($request_method = GET) {
proxy_pass http://users:${MG_USERS_HTTP_PORT};
break;
}
proxy_pass http://things:${MG_THINGS_HTTP_PORT};
}

# Proxy pass to user id to auth service for listing of domains
# /users/{userID}/domains - Listing of Domains belongs to userID
location ~ ^/(users)/(.+)/(domains) {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
if ($request_method = GET) {
proxy_pass http://auth:${MG_AUTH_HTTP_PORT};
break;
}
proxy_pass http://users:${MG_USERS_HTTP_PORT};
}

# Proxy pass to domain id to users service for listing of users
# /domains/{domainID}/users - Listing of Users belongs to domainID
location ~ ^/(domains)/(.+)/(users) {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
if ($request_method = GET) {
proxy_pass http://users:${MG_USERS_HTTP_PORT};
break;
}
proxy_pass http://auth:${MG_AUTH_HTTP_PORT};
}


# Proxy pass to auth service
# Proxy pass to domains service
location ~ ^/(domains) {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
proxy_pass http://auth:${MG_AUTH_HTTP_PORT};
proxy_pass http://domains:${SMQ_DOMAINS_HTTP_PORT};
}

# Proxy pass to users service
location ~ ^/(users|groups|password|authorize|oauth/callback/[^/]+) {
location ~ ^/(users|password|authorize|oauth/callback/[^/]+) {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
proxy_pass http://users:${MG_USERS_HTTP_PORT};
proxy_pass http://users:${SMQ_USERS_HTTP_PORT};
}

location ^~ /users/policies {
# Proxy pass to groups service
location ~ "^/([a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12})/(groups)" {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
proxy_pass http://users:${MG_USERS_HTTP_PORT}/policies;
proxy_pass http://groups:${SMQ_GROUPS_HTTP_PORT};
}

# Proxy pass to things service
location ~ ^/(things|channels|connect|disconnect|identify) {
# Proxy pass to clients service
location ~ "^/([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})/(clients)" {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
proxy_pass http://things:${MG_THINGS_HTTP_PORT};
proxy_pass http://clients:${SMQ_CLIENTS_HTTP_PORT};
}

location ^~ /things/policies {
# Proxy pass to channels service
location ~ "^/([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})/(channels)" {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
proxy_pass http://things:${MG_THINGS_HTTP_PORT}/policies;
proxy_pass http://channels:${SMQ_CHANNELS_HTTP_PORT};
}

# Proxy pass to invitations service
location ~ ^/(invitations) {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
proxy_pass http://invitations:${MG_INVITATIONS_HTTP_PORT};
proxy_pass http://invitations:${SMQ_INVITATIONS_HTTP_PORT};
}

location /health {
include snippets/proxy-headers.conf;
proxy_pass http://things:${MG_THINGS_HTTP_PORT};
proxy_pass http://clients:${SMQ_CLIENTS_HTTP_PORT};
}

location /metrics {
include snippets/proxy-headers.conf;
proxy_pass http://things:${MG_THINGS_HTTP_PORT};
proxy_pass http://clients:${SMQ_CLIENTS_HTTP_PORT};
}

# Proxy pass to magistrala-http-adapter
# Proxy pass to http-adapter
location /http/ {
include snippets/proxy-headers.conf;

# Trailing `/` is mandatory. Refer to the http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_pass
# If the proxy_pass directive is specified with a URI, then when a request is passed to the server,
# the part of a normalized request URI matching the location is replaced by a URI specified in the directive
proxy_pass http://http-adapter:${MG_HTTP_ADAPTER_PORT}/;
proxy_pass http://http-adapter:${SMQ_HTTP_ADAPTER_PORT}/;
}

# Proxy pass to magistrala-mqtt-adapter over WS
# Proxy pass to mqtt-adapter over WS
location /mqtt {
include snippets/proxy-headers.conf;
include snippets/ws-upgrade.conf;
proxy_pass http://mqtt_ws_cluster;
}

# Proxy pass to magistrala-ws-adapter
# Proxy pass to ws-adapter
location /ws/ {
include snippets/proxy-headers.conf;
include snippets/ws-upgrade.conf;
proxy_pass http://ws-adapter:${MG_WS_ADAPTER_HTTP_PORT}/;
proxy_pass http://ws-adapter:${SMQ_WS_ADAPTER_HTTP_PORT}/;
}
}
}
Expand Down
94 changes: 20 additions & 74 deletions docker/nginx/nginx-x509.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -66,113 +66,59 @@ http {
add_header Access-Control-Allow-Methods '*';
add_header Access-Control-Allow-Headers '*';

location ~ ^/(channels)/(.+)/(things)/(.+) {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
proxy_pass http://things:${MG_THINGS_HTTP_PORT};
}
# Proxy pass to users & groups id to things service for listing of channels
# /users/{userID}/channels - Listing of channels belongs to userID
# /groups/{userGroupID}/channels - Listing of channels belongs to userGroupID
location ~ ^/(users|groups)/(.+)/(channels|things) {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
if ($request_method = GET) {
proxy_pass http://things:${MG_THINGS_HTTP_PORT};
break;
}
proxy_pass http://users:${MG_USERS_HTTP_PORT};
}

# Proxy pass to channel id to users service for listing of channels
# /channels/{channelID}/users - Listing of Users belongs to channelID
# /channels/{channelID}/groups - Listing of User Groups belongs to channelID
location ~ ^/(channels|things)/(.+)/(users|groups) {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
if ($request_method = GET) {
proxy_pass http://users:${MG_USERS_HTTP_PORT};
break;
}
proxy_pass http://things:${MG_THINGS_HTTP_PORT};
}

# Proxy pass to user id to auth service for listing of domains
# /users/{userID}/domains - Listing of Domains belongs to userID
location ~ ^/(users)/(.+)/(domains) {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
if ($request_method = GET) {
proxy_pass http://auth:${MG_AUTH_HTTP_PORT};
break;
}
proxy_pass http://users:${MG_USERS_HTTP_PORT};
}

# Proxy pass to domain id to users service for listing of users
# /domains/{domainID}/users - Listing of Users belongs to domainID
location ~ ^/(domains)/(.+)/(users) {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
if ($request_method = GET) {
proxy_pass http://users:${MG_USERS_HTTP_PORT};
break;
}
proxy_pass http://auth:${MG_AUTH_HTTP_PORT};
}


# Proxy pass to auth service
# Proxy pass to domains service
location ~ ^/(domains) {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
proxy_pass http://auth:${MG_AUTH_HTTP_PORT};
proxy_pass http://domains:${SMQ_DOMAINS_HTTP_PORT};
}

# Proxy pass to users service
location ~ ^/(users|groups|password|authorize|oauth/callback/[^/]+) {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
proxy_pass http://users:${MG_USERS_HTTP_PORT};
proxy_pass http://users:${SMQ_USERS_HTTP_PORT};
}

location ^~ /users/policies {
# Proxy pass to groups service
location ~ "^/([a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12})/(groups)" {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
proxy_pass http://users:${MG_USERS_HTTP_PORT}/policies;
proxy_pass http://groups:${SMQ_GROUPS_HTTP_PORT};
}

# Proxy pass to things service
location ~ ^/(things|channels|connect|disconnect|identify) {
# Proxy pass to clients service
location ~ "^/([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})/(clients)" {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
proxy_pass http://things:${MG_THINGS_HTTP_PORT};
proxy_pass http://clients:${SMQ_CLIENTS_HTTP_PORT};
}

location ^~ /things/policies {
# Proxy pass to channels service
location ~ "^/([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})/(channels)" {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
proxy_pass http://things:${MG_THINGS_HTTP_PORT}/policies;
proxy_pass http://channels:${SMQ_CHANNELS_HTTP_PORT};
}

# Proxy pass to invitations service
location ~ ^/(invitations) {
include snippets/proxy-headers.conf;
add_header Access-Control-Expose-Headers Location;
proxy_pass http://invitations:${MG_INVITATIONS_HTTP_PORT};
proxy_pass http://invitations:${SMQ_INVITATIONS_HTTP_PORT};
}

location /health {
include snippets/proxy-headers.conf;
proxy_pass http://things:${MG_THINGS_HTTP_PORT};
proxy_pass http://clients:${SMQ_CLIENTS_HTTP_PORT};
}

location /metrics {
include snippets/proxy-headers.conf;
proxy_pass http://things:${MG_THINGS_HTTP_PORT};
proxy_pass http://clients:${SMQ_CLIENTS_HTTP_PORT};
}

# Proxy pass to magistrala-http-adapter
# Proxy pass to http-adapter
location /http/ {
include snippets/verify-ssl-client.conf;
include snippets/proxy-headers.conf;
Expand All @@ -181,23 +127,23 @@ http {
# Trailing `/` is mandatory. Refer to the http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_pass
# If the proxy_pass directive is specified with a URI, then when a request is passed to the server,
# the part of a normalized request URI matching the location is replaced by a URI specified in the directive
proxy_pass http://http-adapter:${MG_HTTP_ADAPTER_PORT}/;
proxy_pass http://http-adapter:${SMQ_HTTP_ADAPTER_PORT}/;
}

# Proxy pass to magistrala-mqtt-adapter over WS
# Proxy pass to mqtt-adapter over WS
location /mqtt {
include snippets/verify-ssl-client.conf;
include snippets/proxy-headers.conf;
include snippets/ws-upgrade.conf;
proxy_pass http://mqtt_ws_cluster;
}

# Proxy pass to magistrala-ws-adapter
# Proxy pass to ws-adapter
location /ws/ {
include snippets/verify-ssl-client.conf;
include snippets/proxy-headers.conf;
include snippets/ws-upgrade.conf;
proxy_pass http://ws-adapter:${MG_WS_ADAPTER_HTTP_PORT}/;
proxy_pass http://ws-adapter:${SMQ_WS_ADAPTER_HTTP_PORT}/;
}
}
}
Expand Down
Loading