- eveai_app adapted to handle removal of complex rewrite rules in nginx.conf, which cannot be achieved in Ingress

2025-09-06 16:53:51 +02:00
parent b812aedb81
commit 5c20e6c1f9
28 changed files with 341 additions and 336 deletions
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@@ -57,9 +57,6 @@ http {
            index  index.html index.htm;
        }

-        location /reset {
-           rewrite ^/reset(.*)$ /admin/reset$1 permanent;
-        }

        location /static/ {
            alias  /etc/nginx/static/;
@@ -100,17 +97,10 @@ http {
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
-            proxy_set_header X-Forwarded-Prefix /chat-client;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_buffering off;
-
-            # Add CORS headers
-            add_header 'Access-Control-Allow-Origin' '*' always;
-            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
-            add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization' always;
-            add_header 'Access-Control-Allow-Credentials' 'true' always;
        }

        location /admin/ {
@@ -122,7 +112,6 @@ http {
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
-            proxy_set_header X-Forwarded-Prefix /admin;     # Required for Flask views (used in nginx_utils
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
@@ -140,60 +129,14 @@ http {
            proxy_send_timeout 60s;
            proxy_read_timeout 60s;
            send_timeout 60s;
-
-            # Subfilter to hide admin prefix from app
-            sub_filter_once off;
-            sub_filter_types text/html text/css application/javascript;
-
-            # General HTML sub_filters
-            sub_filter 'href="/static/' 'href="/static/';
-            sub_filter 'src="/static/' 'src="/static/';
-            sub_filter 'url("/static/' 'url("/static/';
-            sub_filter 'href="/' 'href="/admin/';  # Rewrites for other content
-            sub_filter 'src="/' 'src="/admin/';
-            sub_filter 'action="/' 'action="/admin/';
-            sub_filter 'url("/' 'url("/admin/';
-
-            # Sub_filters for JavaScript URLs
-            sub_filter 'url: "/' 'url: "/admin/';
-            sub_filter 'url: \"/' 'url: "/admin/';
-            sub_filter 'url("/' 'url("/admin/';
-            sub_filter 'url(\\"/' 'url("/admin/';
-
-            # Sub_filters for AJAX requests
-            sub_filter 'url: \'/user/' 'url: \'/admin/user/';
-            sub_filter 'url: "/user/' 'url: "/admin/user/';
-            sub_filter 'url: "/api/' 'url: "/admin/api/';
-            sub_filter 'url: \'/api/' 'url: \'/admin/api/';
-
        }

        location /api/ {
-            # Handle preflight requests
-            if ($request_method = 'OPTIONS') {
-                add_header 'Access-Control-Allow-Origin' $http_origin always;
-                add_header 'Access-Control-Allow-Credentials' 'true' always;
-                add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
-                add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
-                add_header 'Access-Control-Max-Age' 1728000;
-                add_header 'Content-Type' 'text/plain charset=UTF-8';
-                add_header 'Content-Length' 0;
-                return 204;
-            }
-            # Mirror the Origin header if it's allowed by the application
-            # The application will handle the actual origin validation
-            add_header 'Access-Control-Allow-Origin' $http_origin always;
-            add_header 'Access-Control-Allow-Credentials' 'true' always;
-            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
-            add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always;
-            add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
-
            proxy_pass http://eveai_api:8080/;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
-            proxy_set_header X-Forwarded-Prefix /api;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";