jcoakley/dev1
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
d3a73df804
dev1/nginx.conf
Josh 9f2441edb9 Nginx config for woodpecker
2025-07-30 17:52:15 +00:00

139 lines
5.6 KiB
Nginx Configuration File
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

events {}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
resolver 127.0.0.11 ipv6=off;
# ───────────── upstreams to Docker services ─────────────
upstream backend5000 { server server1:5000; } # auth & free
upstream backend5001 { server server2:5001; } # onet, distance, etc.
upstream backend5002 { server server3:5002; } # premium
upstream gitea_backend { server gitea:3000; } # gitea service (shared network)
upstream woodpecker_backend { server woodpecker-server:8000; }
########################################################################
# 1. HTTP  HTTPS redirect for the main site
########################################################################
server {
listen 80;
listen [::]:80;
server_name dev1.aptivaai.com;
return 301 https://$host$request_uri;
}
########################################################################
# 2. Main virtual host (dev1.aptivaai.com) on :443
########################################################################
server {
listen 443 ssl;
http2 on; # modern syntax
server_name dev1.aptivaai.com;
ssl_certificate /etc/letsencrypt/live/dev1.aptivaai.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/dev1.aptivaai.com/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
# ───── React static assets ─────
root /usr/share/nginx/html;
index index.html;
location / {
try_files $uri $uri/ /index.html;
}
location ~* \.(?:ico|css|js|gif|jpe?g|png|woff2?|eot|ttf|svg)$ {
expires 6M;
access_log off;
}
# ───── API reverseproxy rules ─────
location ^~ /api/onet/ { proxy_pass http://backend5001; }
location ^~ /api/chat/ { proxy_pass http://backend5001; proxy_http_version 1.1; proxy_buffering off; }
location ^~ /api/job-zones { proxy_pass http://backend5001; }
location ^~ /api/salary { proxy_pass http://backend5001; }
location ^~ /api/cip/ { proxy_pass http://backend5001; }
location ^~ /api/tuition/ { proxy_pass http://backend5001; }
location ^~ /api/projections/ { proxy_pass http://backend5001; }
location ^~ /api/skills/ { proxy_pass http://backend5001; }
location ^~ /api/ai-risk { proxy_pass http://backend5001; }
location ^~ /api/maps/distance { proxy_pass http://backend5001; }
location ^~ /api/schools { proxy_pass http://backend5001; }
location ^~ /api/premium/ { proxy_pass http://backend5002; }
location ^~ /api/public/ { proxy_pass http://backend5002; }
location ^~ /api/ { proxy_pass http://backend5000; }
# shared proxy headers
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
error_page 502 503 504 /50x.html;
location = /50x.html { root /usr/share/nginx/html; }
}
########################################################################
# 3. Gitea virtual host (HTTPS) gitea.dev1.aptivaai.com
########################################################################
server {
listen 443 ssl;
http2 on;
server_name gitea.dev1.aptivaai.com;
ssl_certificate /etc/letsencrypt/live/gitea.dev1.aptivaai.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/gitea.dev1.aptivaai.com/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
location / {
proxy_pass http://gitea_backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
}
########################################################################
# 4. Gitea HTTP  HTTPS redirect
########################################################################
server {
listen 80;
server_name gitea.dev1.aptivaai.com;
return 301 https://$host$request_uri;
}
########################################################################
# 5. Woodpecker CI (HTTPS) ci.dev1.aptivaai.com
########################################################################
server {
listen 443 ssl;
http2 on;
server_name ci.dev1.aptivaai.com;
ssl_certificate /etc/letsencrypt/live/ci.dev1.aptivaai.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ci.dev1.aptivaai.com/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
location / {
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_pass http://woodpecker_backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
}
########################################################################
# 6. Woodpecker HTTP  HTTPS redirect
########################################################################
server {
listen 80;
server_name ci.dev1.aptivaai.com;
return 301 https://$host$request_uri;
}
}
Reference in New Issue View Git Blame Copy Permalink