Independent -Sample NGINX virtualhost configuration file - taler-deployment - Deployment scripts and configuration files

commit 2fa98f1c0f0db7161b3ab0aaf75fbaf66d17bb0d
parent 44df2ee84fa9276cae24e5521f86004a6a9172a9
Author: Javier Sepulveda <javier.sepulveda@uv.es>
Date:   Fri,  4 Aug 2023 12:26:26 +0200

Independent -Sample NGINX virtualhost configuration file

Diffstat:
A sandcastle/nginx-example.conf  | 332 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

1 file changed, 332 insertions(+), 0 deletions(-)
diff --git a/sandcastle/nginx-example.conf b/sandcastle/nginx-example.conf
@@ -0,0 +1,332 @@
+  server {
+    server_name exchange.example.com;
+    root /dev/null;
+  
+    location / {
+      proxy_pass http://localhost:5555/;
+      proxy_redirect off;
+      proxy_set_header Host $host;
+    }
+  
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/backend.example.com/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/backend.example.com/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+
+}
+  
+  server {
+    server_name backend.example.com;
+  
+    location / {
+      proxy_set_header X-Forwarded-Host "backend.example.com";
+      proxy_set_header X-Forwarded-Proto "https";
+      proxy_set_header X-Forwarded-Prefix "/";
+      proxy_pass http://localhost:5556/;
+      proxy_redirect off;
+      proxy_set_header Host $host;
+    }
+  
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/backend.example.com/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/backend.example.com/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+
+}
+
+  server {
+    server_name webui-bank.example.com;
+
+    location = / {
+      # Serves the SPA
+      index index.html;
+      proxy_pass http://localhost:15002/;
+    }
+  
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/backend.example.com/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/backend.example.com/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+
+}
+  
+  server {
+    server_name bank.example.com;
+
+## NEED TO ADD IT AFTERWARDS
+
+  location = / {
+    return 301 https://bank.example.com/webui;
+
+  }
+
+  location /webui/ {
+        index index.html;
+        proxy_pass http://127.0.0.1:15002/;
+  }
+
+
+
+  location / {
+    recursive_error_pages on;
+    proxy_pass http://127.0.0.1:15000;
+    # Used, for example, to build the taler://-URIs
+    proxy_set_header X-Forwarded-Host "bank.example.com";
+    proxy_set_header X-Forwarded-Proto "https";
+    proxy_set_header X-Forwarded-Prefix "/";
+  }
+
+## END NEEDED TO ADD AFTERWARDS
+
+    #location / {
+     # proxy_set_header X-Forwarded-Host "bank.example.com";
+      #proxy_set_header X-Forwarded-Proto "https";
+      #proxy_set_header X-Forwarded-Prefix /;
+      #proxy_pass http://localhost:15000/;
+    #}
+  
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/backend.example.com/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/backend.example.com/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+
+}
+
+  server {
+    server_name shop.example.com;
+   
+    location / {
+      proxy_set_header X-Forwarded-Host "shop.example.com";
+      proxy_set_header X-Forwarded-Proto "https";
+      proxy_set_header X-Forwarded-Prefix /;
+      proxy_pass http://localhost:5559/;
+    }
+  
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/shop.example.com/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/shop.example.com/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+
+
+}
+
+  server {
+    server_name donations.example.com;
+   
+    location / {
+      proxy_set_header X-Forwarded-Host "donations.example.com";
+      proxy_set_header X-Forwarded-Proto "https";
+      proxy_set_header X-Forwarded-Prefix /;
+      proxy_pass http://localhost:5560/;
+    }
+  
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/backend.example.com/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/backend.example.com/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+
+}
+
+  server {
+    server_name survey.example.com;
+   
+    location / {
+      proxy_set_header X-Forwarded-Host "survey.example.com";
+      proxy_set_header X-Forwarded-Proto "https";
+      proxy_set_header X-Forwarded-Prefix /;
+      proxy_pass http://localhost:5561/;
+    }
+  
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/backend.example.com/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/backend.example.com/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+
+}
+
+  # Landing page that explains the demo.
+  server {
+    server_name example.com;
+   
+    location / {
+      proxy_pass http://localhost:5562/;
+    }
+  
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/backend.example.com/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/backend.example.com/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+
+
+}
+
+  server {
+    server_name sync.example.com;
+   
+    location / {
+      proxy_set_header X-Forwarded-Host "sync.example.com";
+      proxy_set_header X-Forwarded-Proto "https";
+      proxy_set_header X-Forwarded-Prefix /;
+      proxy_pass http://localhost:5563/;
+    }
+  
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/backend.example.com/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/backend.example.com/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+
+}
+
+  
+  server {
+    if ($host = backend.example.com) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+    server_name backend.example.com;
+    listen 80;
+    return 404; # managed by Certbot
+
+
+}
+  
+  server {
+    if ($host = bank.example.com) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+    server_name bank.example.com;
+    listen 80;
+    return 404; # managed by Certbot
+
+
+}
+
+  server {
+    if ($host = blog.example.com) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+    server_name blog.example.com;
+    listen 80;
+    return 404; # managed by Certbot
+
+
+}
+
+  server {
+    if ($host = donations.example.com) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+    server_name donations.example.com;
+    listen 80;
+    return 404; # managed by Certbot
+
+
+}  server {
+    if ($host = exchange.example.com) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+    server_name exchange.example.com;
+    listen 80;
+    return 404; # managed by Certbot
+
+
+}
+  server {
+    if ($host = intro.example.com) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+    server_name intro.example.com;
+    return 404; # managed by Certbot
+
+
+
+    listen 443 ssl; # managed by Certbot
+    ssl_certificate /etc/letsencrypt/live/backend.example.com/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/backend.example.com/privkey.pem; # managed by Certbot
+    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
+    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
+
+}
+
+  server {
+    if ($host = survey.example.com) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+    server_name survey.example.com;
+    listen 80;
+    return 404; # managed by Certbot
+
+
+}
+
+  server {
+    if ($host = sync.example.com) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+    server_name sync.example.com;
+    listen 80;
+    return 404; # managed by Certbot
+
+
+}
+
+  server {
+    if ($host = webui-bank.example.com) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+    server_name webui-bank.example.com;
+    listen 80;
+    return 404; # managed by Certbot
+
+
+}
+
+  server {
+    if ($host = intro.example.com) {
+        return 301 https://$host$request_uri;
+    } # managed by Certbot
+
+
+
+
+    server_name intro.example.com;
+    listen 80;
+    return 404; # managed by Certbot
+
+
+}

	taler-deployment Deployment scripts and configuration files
	Log \| Files \| Refs \| README