upstream vizier-supervisor { server vizier-api:9001; } upstream mimir-supervisor { server vizier-mimir:9001; } upstream mimir-driver { server vizier-mimir:4041; } upstream mimir-api { server vizier-mimir:8089; } upstream proxy-supervisor { server 127.0.0.1:9001; } upstream vizier { server vizier-ui:80; } upstream vizierapi { server vizier-api:80; } upstream sparkmaster { server namenode:8080; } upstream sparkhdfs { server namenode:50070; } server { listen 80; server_name vizier.vizier.app; # For Lets Encrypt, this needs to be served via HTTP location ^~ /.well-known/acme-challenge { allow all; alias /var/www/acme; } location / { return 301 https://vizier.vizier.app$request_uri; } } server { listen 443 ssl; server_name vizier.vizier.app; server_tokens off; ssl on; ssl_certificate /etc/ssl/acme/vizier.vizier.app/fullchain.pem; ssl_certificate_key /etc/ssl/acme/private/vizier.vizier.app/privkey.pem; #auth_basic "Vizier Demo"; #auth_basic_user_file /etc/nginx/.htpasswd; location / { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Frame-Options SAMEORIGIN; proxy_pass http://vizier-supervisor; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header X-Real-IP $remote_addr; } } server { listen 80; server_name mimir.vizier.app; # For Lets Encrypt, this needs to be served via HTTP location ^~ /.well-known/acme-challenge { allow all; alias /var/www/acme; } location / { return 301 https://mimir.vizier.app$request_uri; } } server { listen 443 ssl; server_name mimir.vizier.app; server_tokens off; ssl on; ssl_certificate /etc/ssl/acme/mimir.vizier.app/fullchain.pem; ssl_certificate_key /etc/ssl/acme/private/mimir.vizier.app/privkey.pem; #auth_basic "Vizier Demo"; #auth_basic_user_file /etc/nginx/.htpasswd; location / { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Frame-Options SAMEORIGIN; proxy_pass http://mimir-supervisor; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header X-Real-IP $remote_addr; } location /api-docs { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Frame-Options SAMEORIGIN; proxy_pass http://mimir-api; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header X-Real-IP $remote_addr; } } server { listen 80; server_name driver.vizier.app; # For Lets Encrypt, this needs to be served via HTTP location ^~ /.well-known/acme-challenge { allow all; alias /var/www/acme; } location / { return 301 https://driver.vizier.app$request_uri; } } server { listen 443 ssl; server_name driver.vizier.app; server_tokens off; ssl on; ssl_certificate /etc/ssl/acme/mimir.vizier.app/fullchain.pem; ssl_certificate_key /etc/ssl/acme/private/mimir.vizier.app/privkey.pem; #auth_basic "Vizier Demo"; #auth_basic_user_file /etc/nginx/.htpasswd; location / { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Frame-Options SAMEORIGIN; proxy_pass http://mimir-driver; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header X-Real-IP $remote_addr; } } server { listen 80; server_name proxy.vizier.app; # For Lets Encrypt, this needs to be served via HTTP location ^~ /.well-known/acme-challenge { allow all; alias /var/www/acme; } location / { return 301 https://proxy.vizier.app$request_uri; } } server { listen 443 ssl; server_name proxy.vizier.app; server_tokens off; ssl on; ssl_certificate /etc/ssl/acme/proxy.vizier.app/fullchain.pem; ssl_certificate_key /etc/ssl/acme/private/proxy.vizier.app/privkey.pem; #auth_basic "Vizier Demo"; #auth_basic_user_file /etc/nginx/.htpasswd; location / { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Frame-Options SAMEORIGIN; proxy_pass http://proxy-supervisor; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header X-Real-IP $remote_addr; } } server { listen 80; server_name demo.vizier.app; # For Lets Encrypt, this needs to be served via HTTP location ^~ /.well-known/acme-challenge { allow all; alias /var/www/acme; } location / { return 301 https://demo.vizier.app$request_uri; } } server { listen 443 ssl; server_name demo.vizier.app; server_tokens off; ssl on; ssl_certificate /etc/ssl/acme/demo.vizier.app/fullchain.pem; ssl_certificate_key /etc/ssl/acme/private/demo.vizier.app/privkey.pem; #auth_basic "Vizier Demo"; #auth_basic_user_file /etc/nginx/.htpasswd; location / { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Frame-Options SAMEORIGIN; proxy_pass http://vizier; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header X-Real-IP $remote_addr; } location /vizier-db/api/v1/ { #auth_basic "Vizier API"; #auth_basic_user_file /etc/nginx/.htpasswd_api; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Frame-Options SAMEORIGIN; proxy_pass http://vizierapi; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header X-Real-IP $remote_addr; } } server { listen 80; server_name api.vizier.app; # For Lets Encrypt, this needs to be served via HTTP location ^~ /.well-known/acme-challenge { allow all; alias /var/www/acme; } location / { return 301 https://api.vizier.app$request_uri; } } server { listen 443 ssl; server_name api.vizier.app; server_tokens off; ssl on; ssl_certificate /etc/ssl/acme/api.vizier.app/fullchain.pem; ssl_certificate_key /etc/ssl/acme/private/api.vizier.app/privkey.pem; location / { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Frame-Options SAMEORIGIN; proxy_pass http://vizierapi; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header X-Real-IP $remote_addr; } } server { listen 80; server_name spark.vizier.app; # For Lets Encrypt, this needs to be served via HTTP location ^~ /.well-known/acme-challenge { allow all; alias /var/www/acme; } location / { return 301 https://spark.vizier.app$request_uri; } } server { listen 443 ssl; server_name spark.vizier.app; server_tokens off; ssl on; ssl_certificate /etc/ssl/acme/spark.vizier.app/fullchain.pem; ssl_certificate_key /etc/ssl/acme/private/spark.vizier.app/privkey.pem; #auth_basic "Vizier Demo"; #auth_basic_user_file /etc/nginx/.htpasswd; location / { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Frame-Options SAMEORIGIN; proxy_pass http://sparkmaster; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header X-Real-IP $remote_addr; } } server { listen 80; server_name hdfs.vizier.app; # For Lets Encrypt, this needs to be served via HTTP location ^~ /.well-known/acme-challenge { allow all; alias /var/www/acme; } location / { return 301 https://hdfs.vizier.app$request_uri; } } server { listen 443 ssl; server_name hdfs.vizier.app; server_tokens off; ssl on; ssl_certificate /etc/ssl/acme/hdfs.vizier.app/fullchain.pem; ssl_certificate_key /etc/ssl/acme/private/hdfs.vizier.app/privkey.pem; #auth_basic "Vizier Demo"; #auth_basic_user_file /etc/nginx/.htpasswd; location / { proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Frame-Options SAMEORIGIN; proxy_pass http://sparkhdfs; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header X-Real-IP $remote_addr; } } server { listen 80; server_name analytics.vizier.app; # For Lets Encrypt, this needs to be served via HTTP location ^~ /.well-known/acme-challenge { allow all; alias /var/www/acme; } location / { return 301 https://analytics.vizier.app$request_uri; } } server { listen 443 ssl; server_name analytics.vizier.app; server_tokens off; ssl on; ssl_certificate /etc/ssl/acme/analytics.vizier.app/fullchain.pem; ssl_certificate_key /etc/ssl/acme/private/analytics.vizier.app/privkey.pem; #auth_basic "Vizier Demo"; #auth_basic_user_file /etc/nginx/.htpasswd; location / { set $upstreamanalytics vizier-analytics:80; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Frame-Options SAMEORIGIN; proxy_pass http://$upstreamanalytics; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; proxy_set_header X-Real-IP $remote_addr; } }