map $http_upgrade $connection_upgrade { default upgrade; '' close; } # Описываем формат лога log_format delivery '$remote_addr - [$time_local] $host "$request" ' '$ssl_protocol/$ssl_cipher ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" $request_time ' '$upstream_response_time $request_id'; log_format delivery_json '{ "@timestamp": "$time_iso8601", ' '"@target_index": "logstash-2017.02.19", ' '"@fields": { ' '"request_id": "$request_id", ' '"remote_addr": "$remote_addr", ' '"remote_user": "$remote_user", ' '"body_bytes_sent": "$body_bytes_sent", ' '"request_time": "$request_time", ' '"status": "$status", ' '"request": "$request", ' '"request_method": "$request_method", ' '"http_referrer": "$http_referer", ' '"host": "$host", ' '"upstream_response_time": "$upstream_response_time", ' '"http_user_agent": "$http_user_agent" } }'; # Путь к файлу и формат лога access_log /dev/stdout delivery; error_log stderr info; resolver kube-dns.kube-system.svc.cluster.local valid=5s; # server { # listen 8080 default; # # server_name _; # # include include/ssl-acme.conf; # access_log /dev/null; # # location / { # # return 301 https://$host$request_uri; # # } # location / { # return 505; # } # location /health { # return 200; # } # } # Landing server { listen 8080; #443 ssl http2 # listen [::]:8080; #[::]:443 ssl http2 server_name ~^landing.*; # include include/ssl.conf; location / { auth_basic "closed site"; auth_basic_user_file /etc/nginx/htpasswd; set $landing "http://landing.default.svc.cluster.local:5000"; proxy_pass $landing; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } location /robots.txt { return 200 "User-agent: *\nDisallow: /\n"; } # include include/ssl-acme.conf; } # Delivery-hub.com #server { # listen 443 ssl http2; # # listen [::]:443 ssl http2; # server_name delivery-hub.com; # include include/ssl.conf; # root /usr/share/nginx/html; # index index.html; # location ~* ^/(css|js|images)/ { # try_files $uri =404; # add_header Cache-Control no-cache; # expires 1s; # } # location / { # try_files $uri $uri/ /index.html =404; # # add_header Cache-Control no-cache; # expires 1s; # } #} # Panel #server { # listen 443 ssl http2; # # listen [::]:443 ssl http2; # server_name ~^panel.*; # include include/ssl.conf; # # # Panel # location / { # proxy_pass http://panel.default.svc.cluster.local:8080; # proxy_http_version 1.1; # proxy_set_header Upgrade $http_upgrade; # proxy_set_header Connection "upgrade"; # } #} # api-docs server { listen 8080; #443 ssl http2 # listen [::]:8080; #443 ssl http2 server_name ~^api-docs.*; # include include/ssl.conf; # Panel location / { auth_basic "closed site"; auth_basic_user_file /etc/nginx/htpasswd-docs; set $delivery "http://delivery.default.svc.cluster.local:8080"; proxy_pass $delivery; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } # API server { listen 8080 default_server; #443 ssl http2 # listen [::]:8080 default_server; #443 ssl http2 #server_name ~^api.(dh-api?)*; # include include/ssl.conf; set $auth "http://auth.default.svc.cluster.local:8080"; set $company "http://company.default.svc.cluster.local:8080"; set $shop "http://shop.default.svc.cluster.local:8080"; set $location "http://location.default.svc.cluster.local:8080"; set $agnet "http://agent.default.svc.cluster.local:8080"; set $order "http://order.default.svc.cluster.local:8080"; # Auth location /auth { proxy_pass $auth; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } # Company location /merchants { proxy_pass $company; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } location /accounts { proxy_pass $company; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } # Shop location /areas { proxy_pass $shop; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } location /shops { proxy_pass $shop; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } location /plans { proxy_pass $shop; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } location /schedules { proxy_pass $shop; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } location /shifts { proxy_pass $shop; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } location /settings { proxy_pass $shop; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } #Location location /location { proxy_pass $location; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } # Agent location /agents { proxy_pass $agnet; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } # Order location /orders { client_max_body_size 6M; proxy_pass $order; include /etc/nginx/include/headers.conf; proxy_set_header X-Request-Id $request_id; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; proxy_buffer_size 16k; proxy_buffers 4 128k; proxy_busy_buffers_size 256k; } location /trips { client_max_body_size 6M; proxy_pass $order; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } # Log location /logs { set $log "http://log.default.svc.cluster.local:8080"; proxy_pass $log; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } # Geo location /geo { set $geo "http://geo.default.svc.cluster.local:8080"; proxy_pass $geo; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } # Notification location /notification { set $notification "http://notification.default.svc.cluster.local:8080"; proxy_pass $notification; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } # Registration location /registration { set $registration "http://registration.default.svc.cluster.local:8080"; proxy_pass $registration; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } # Billing location /billing { set $billing "http://billing.default.svc.cluster.local:8080"; proxy_pass $billing; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } # Timer location /timers { set $timer "http://timer.default.svc.cluster.local:8080"; proxy_pass $timer; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } # Callback location /callback { set $callback "http://callback.default.svc.cluster.local:8080"; proxy_pass $callback; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } # Feedback location /feedbacks { set $feedback "http://feedback.default.svc.cluster.local:8080"; proxy_pass $feedback; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } # Report location /report { set $report "http://report.default.svc.cluster.local:8080"; proxy_pass $report; include /etc/nginx/include/headers.conf; proxy_set_header X-Request-Id $request_id; proxy_connect_timeout 600; proxy_send_timeout 600; proxy_read_timeout 600; send_timeout 600; } # Stats location /stats { set $stats "http://stats.default.svc.cluster.local:8080"; proxy_pass $stats; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; # location /stats/socket.io { # proxy_pass http://stats.default.svc.cluster.local:8080; # include /etc/nginx/include/socketio.conf; # } } # Localization api location /l10n { #add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization,internal'; #add_header 'Access-Control-Expose-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Authorization,Link,internal'; proxy_set_header X-Request-Id $request_id; include /etc/nginx/include/proxy.conf; # rewrite /l10n(/|$)(.*) $1 break; set $localization "http://localization.default.svc.cluster.local:8080"; rewrite ^/l10n(/.*)$ $1 break; proxy_pass $localization; } # Cargo api location /cargo { set $cargo "http://cargo.default.svc.cluster.local:8080"; rewrite ^/cargo(/.*)$ $1 break; proxy_pass $cargo; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } # Landing api location /landing { set $landing "http://landing.default.svc.cluster.local:5000"; proxy_pass $landing; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } # Hystrix dashboard location /hystrix-dashboard { set $dashboard "http://hystrix-dashboard.default.svc.cluster.local:7979"; proxy_pass $dashboard; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } location /redis-status { set $ha_reddis "http://ha-redis.default.svc.cluster.local:81"; proxy_pass $ha_reddis; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; rewrite ^/redis-status/$ / break; } # Wallet location /wallet { set $wallet "http://wallet.default.svc.cluster.local:8080"; proxy_pass $wallet; include /etc/nginx/include/proxy.conf; proxy_set_header X-Request-Id $request_id; } location /health { return 200; } location / { add_header Content-Type application/json; return 200 '{"message":"ok"}'; } } server { listen 8080; # http2 # listen [::]:8080; # http2 server_name ~^kibana.*; # include include/ssl.conf; # Panel location / { auth_basic "closed site"; auth_basic_user_file /etc/nginx/htpasswd; set $kibana "http://kibana.kube-system.svc.cluster.local:5601"; proxy_pass $kibana; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } server { listen 8080; #443 ssl http2 # listen [::]:8080; #[::]:443 ssl http2 server_name ~^nsqadmin.*; # include include/ssl.conf; # Panel location / { auth_basic "closed site"; auth_basic_user_file /etc/nginx/htpasswd; set $nsqadmin "http://nsq-admin.kube-system.svc.cluster.local:4171"; proxy_pass $nsqadmin; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } server { listen 8080; #443 ssl http2 # listen [::]:8080; server_name ~^eeyaut2aey.*; # include include/ssl.conf; location / { auth_basic "closed site"; auth_basic_user_file /etc/nginx/htpasswd; set $pma "http://pma.default.svc.cluster.local:8080"; proxy_pass $pma; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } server { listen 8080; #443 ssl http2 # listen [::]:8080; server_name ~^kopf.*; # include include/ssl.conf; location / { auth_basic "closed site"; auth_basic_user_file /etc/nginx/htpasswd; set $kopf "http://kopf.kube-system.svc.cluster.local:8080"; proxy_pass $kopf; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } }