slaprunner : shellinabox is now accessible from a url
[slapos.git] / software / slaprunner / nginx_conf.in
1 worker_processes {{ param_nginx_frontend['nb_workers'] }};
2
3 pid {{ param_nginx_frontend['path_pid'] }};
4 error_log {{ param_nginx_frontend['path_error_log'] }};
5
6 daemon off;
7
8 events {
9         worker_connections 1024;
10         accept_mutex off;
11 }
12
13 http {
14      default_type application/octet-stream;
15      access_log {{ param_nginx_frontend['path_access_log'] }} combined;
16      map $http_upgrade $connection_upgrade {
17         default upgrade;
18         ''      close;
19      }
20      server {
21         listen {{ param_nginx_frontend['local-ip'] }}:{{ param_nginx_frontend['port'] }};
22         server_name _;
23
24         keepalive_timeout 90s;
25         client_body_temp_path {{ param_tempdir['client_body_temp_path'] }};
26         proxy_temp_path {{ param_tempdir['proxy_temp_path'] }};
27         fastcgi_temp_path {{ param_tempdir['fastcgi_temp_path'] }};
28         uwsgi_temp_path {{ param_tempdir['uwsgi_temp_path'] }};
29         scgi_temp_path {{ param_tempdir['scgi_temp_path'] }};
30         location / {
31             auth_basic  "Restricted";
32             auth_basic_user_file   {{ param_nginx_frontend['etc_dir'] }}/.htpasswd;
33             proxy_pass  http://{{ param_nginx_frontend['cloud9-ip'] }}:{{ param_nginx_frontend['cloud9-port'] }};
34             proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
35             proxy_redirect off;
36             proxy_buffering off;
37             proxy_http_version 1.1;
38             proxy_set_header Upgrade $http_upgrade;
39             proxy_set_header Connection $connection_upgrade;
40             proxy_set_header        Host            $host;
41             proxy_set_header        X-Real-IP       $remote_addr;
42             proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
43         }
44     }
45      server {
46         listen [{{ param_nginx_frontend['global-ip'] }}]:{{ param_nginx_frontend['global-port'] }} ssl;
47         server_name _;
48         ssl_certificate     {{ param_nginx_frontend['ssl-certificate'] }};
49         ssl_certificate_key {{ param_nginx_frontend['ssl-key'] }};
50         ssl_protocols       SSLv3 TLSv1 TLSv1.1 TLSv1.2;
51         ssl_ciphers         HIGH:!aNULL:!MD5;
52         keepalive_timeout 90s;
53         client_body_temp_path {{ param_tempdir['client_body_temp_path'] }};
54         proxy_temp_path {{ param_tempdir['proxy_temp_path'] }};
55         fastcgi_temp_path {{ param_tempdir['fastcgi_temp_path'] }};
56         uwsgi_temp_path {{ param_tempdir['uwsgi_temp_path'] }};
57         scgi_temp_path {{ param_tempdir['scgi_temp_path'] }};
58         location / {
59             proxy_pass  http://{{ param_nginx_frontend['runner-ip'] }}:{{ param_nginx_frontend['runner-port'] }};
60             proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
61             proxy_redirect off;
62             proxy_buffering off;
63             proxy_set_header        Host              $host;
64             proxy_set_header        X-Real-IP         $remote_addr;
65             proxy_set_header        X-Forwarded-Proto $scheme;
66             proxy_set_header        X-Forwarded-For   $proxy_add_x_forwarded_for;
67             proxy_set_header        X-Forwarded-Host  $http_host;
68         }
69         location /shellinabox {
70             proxy_pass  http://{{ param_nginx_frontend['global-ip'] }}:{{ shellinabox_port }}/;
71             proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
72             proxy_redirect off;
73             proxy_buffering off;
74             proxy_set_header        Host              $host;
75             proxy_set_header        X-Real-IP         $remote_addr;
76             proxy_set_header        X-Forwarded-Proto $scheme;
77             proxy_set_header        X-Forwarded-For   $proxy_add_x_forwarded_for;
78             proxy_set_header        X-Forwarded-Host  $http_host;
79
80         }
81     }
82 }