#user nobody; worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; # Define upstream servers upstream eveai_chat_client { server eveai_chat_client:5004; } log_format custom_log_format '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for" ' 'rt=$request_time ut=$upstream_response_time'; access_log /var/log/nginx/access.log custom_log_format; error_log /var/log/nginx/error.log info; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; client_max_body_size 50M; #gzip on; client_header_buffer_size 4k; large_client_header_buffers 4 8k; server { listen 80; listen 8080; server_name ${NGINX_SERVER_NAME}; #charset koi8-r; #access_log logs/host.access.log main; location = / { return 301 /admin/; } location / { root /etc/nginx/public; index index.html index.htm; } location /reset { rewrite ^/reset(.*)$ /admin/reset$1 permanent; } location /static/ { alias /etc/nginx/static/; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root /etc/nginx/public; } # location /chat/ { # proxy_pass http://eveai_chat:5002/; # # proxy_set_header Host $host; # proxy_set_header X-Real-IP $remote_addr; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # proxy_set_header X-Forwarded-Proto $scheme; # proxy_http_version 1.1; # proxy_set_header Upgrade $http_upgrade; # proxy_set_header Connection "upgrade"; # proxy_buffering off; # # # Add CORS headers # add_header 'Access-Control-Allow-Origin' '*' always; # add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; # add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization' always; # add_header 'Access-Control-Allow-Credentials' 'true' always; # } location /chat-client/ { proxy_pass http://eveai_chat_client/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Prefix /chat-client; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_buffering off; # Add CORS headers add_header 'Access-Control-Allow-Origin' '*' always; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization' always; add_header 'Access-Control-Allow-Credentials' 'true' always; } location /admin/ { # include uwsgi_params; # uwsgi_pass 127.0.0.1:5001; # uwsgi_read_timeout 300; proxy_pass http://eveai_app:5001/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Prefix /admin; # Required for Flask views (used in nginx_utils proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_buffering off; proxy_buffer_size 16k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; # # Ensure these headers are set for secure connections # proxy_set_header X-Forwarded-Proto $scheme; # proxy_set_header X-Forwarded-Host $host; # proxy_set_header X-Forwarded-Port $server_port; proxy_connect_timeout 60s; proxy_send_timeout 60s; proxy_read_timeout 60s; send_timeout 60s; # Subfilter to hide admin prefix from app sub_filter_once off; sub_filter_types text/html text/css application/javascript; # General HTML sub_filters sub_filter 'href="/static/' 'href="/static/'; sub_filter 'src="/static/' 'src="/static/'; sub_filter 'url("/static/' 'url("/static/'; sub_filter 'href="/' 'href="/admin/'; # Rewrites for other content sub_filter 'src="/' 'src="/admin/'; sub_filter 'action="/' 'action="/admin/'; sub_filter 'url("/' 'url("/admin/'; # Sub_filters for JavaScript URLs sub_filter 'url: "/' 'url: "/admin/'; sub_filter 'url: \"/' 'url: "/admin/'; sub_filter 'url("/' 'url("/admin/'; sub_filter 'url(\\"/' 'url("/admin/'; # Sub_filters for AJAX requests sub_filter 'url: \'/user/' 'url: \'/admin/user/'; sub_filter 'url: "/user/' 'url: "/admin/user/'; sub_filter 'url: "/api/' 'url: "/admin/api/'; sub_filter 'url: \'/api/' 'url: \'/admin/api/'; } location /api/ { # Handle preflight requests if ($request_method = 'OPTIONS') { add_header 'Access-Control-Allow-Origin' $http_origin always; add_header 'Access-Control-Allow-Credentials' 'true' always; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always; add_header 'Access-Control-Max-Age' 1728000; add_header 'Content-Type' 'text/plain charset=UTF-8'; add_header 'Content-Length' 0; return 204; } # Mirror the Origin header if it's allowed by the application # The application will handle the actual origin validation add_header 'Access-Control-Allow-Origin' $http_origin always; add_header 'Access-Control-Allow-Credentials' 'true' always; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always; add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization' always; add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always; proxy_pass http://eveai_api:5003/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Prefix /api; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_buffering off; proxy_buffer_size 16k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_connect_timeout 60s; proxy_send_timeout 60s; proxy_read_timeout 60s; send_timeout 60s; } location /flower/ { proxy_pass http://flower:5555/flower/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } } include sites-enabled/*; }