2ddb6f262f
-there is one issue with the mimir hostname not being resolved from spark workers. may switch to stateful setfor mimir to resolve.
384 lines
9.2 KiB
Plaintext
384 lines
9.2 KiB
Plaintext
upstream vizier-supervisor {
|
|
server vizier-api.local:9001;
|
|
}
|
|
|
|
upstream mimir-supervisor {
|
|
server vizier-mimir.local:9001;
|
|
}
|
|
|
|
upstream proxy-supervisor {
|
|
server 127.0.0.1:9001;
|
|
}
|
|
|
|
upstream vizier {
|
|
server vizier-ui.local:80;
|
|
}
|
|
|
|
upstream vizierapi {
|
|
server vizier-api.local:443;
|
|
}
|
|
|
|
upstream sparkmaster {
|
|
server spark-master.local:8080;
|
|
}
|
|
|
|
upstream sparkhdfs {
|
|
server spark-master.local:50070;
|
|
}
|
|
|
|
upstream vizier-analytics {
|
|
server vizier-analytics.local:80;
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
server_name vizier.vizier.app;
|
|
|
|
# For Lets Encrypt, this needs to be served via HTTP
|
|
location ^~ /.well-known/acme-challenge {
|
|
allow all;
|
|
alias /var/www/acme;
|
|
}
|
|
|
|
location / {
|
|
return 301 https://vizier.vizier.app$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name vizier.vizier.app;
|
|
|
|
server_tokens off;
|
|
|
|
ssl on;
|
|
ssl_certificate /etc/ssl/acme/vizier.vizier.app/fullchain.pem;
|
|
ssl_certificate_key /etc/ssl/acme/private/vizier.vizier.app/privkey.pem;
|
|
|
|
#auth_basic "Vizier Demo";
|
|
#auth_basic_user_file /etc/nginx/.htpasswd;
|
|
|
|
location / {
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Frame-Options SAMEORIGIN;
|
|
|
|
proxy_pass http://vizier-supervisor;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
server_name mimir.vizier.app;
|
|
|
|
# For Lets Encrypt, this needs to be served via HTTP
|
|
location ^~ /.well-known/acme-challenge {
|
|
allow all;
|
|
alias /var/www/acme;
|
|
}
|
|
|
|
location / {
|
|
return 301 https://mimir.vizier.app$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name mimir.vizier.app;
|
|
|
|
server_tokens off;
|
|
|
|
ssl on;
|
|
ssl_certificate /etc/ssl/acme/mimir.vizier.app/fullchain.pem;
|
|
ssl_certificate_key /etc/ssl/acme/private/mimir.vizier.app/privkey.pem;
|
|
|
|
#auth_basic "Vizier Demo";
|
|
#auth_basic_user_file /etc/nginx/.htpasswd;
|
|
|
|
location / {
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Frame-Options SAMEORIGIN;
|
|
|
|
proxy_pass http://mimir-supervisor;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
server_name proxy.vizier.app;
|
|
|
|
# For Lets Encrypt, this needs to be served via HTTP
|
|
location ^~ /.well-known/acme-challenge {
|
|
allow all;
|
|
alias /var/www/acme;
|
|
}
|
|
|
|
location / {
|
|
return 301 https://proxy.vizier.app$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name proxy.vizier.app;
|
|
|
|
server_tokens off;
|
|
|
|
ssl on;
|
|
ssl_certificate /etc/ssl/acme/proxy.vizier.app/fullchain.pem;
|
|
ssl_certificate_key /etc/ssl/acme/private/proxy.vizier.app/privkey.pem;
|
|
|
|
#auth_basic "Vizier Demo";
|
|
#auth_basic_user_file /etc/nginx/.htpasswd;
|
|
|
|
location / {
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Frame-Options SAMEORIGIN;
|
|
|
|
proxy_pass http://proxy-supervisor;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
}
|
|
|
|
|
|
server {
|
|
listen 80;
|
|
server_name demo.vizier.app;
|
|
|
|
# For Lets Encrypt, this needs to be served via HTTP
|
|
location ^~ /.well-known/acme-challenge {
|
|
allow all;
|
|
alias /var/www/acme;
|
|
}
|
|
|
|
location / {
|
|
return 301 https://demo.vizier.app$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name demo.vizier.app;
|
|
|
|
server_tokens off;
|
|
|
|
ssl on;
|
|
ssl_certificate /etc/ssl/acme/demo.vizier.app/fullchain.pem;
|
|
ssl_certificate_key /etc/ssl/acme/private/demo.vizier.app/privkey.pem;
|
|
|
|
#auth_basic "Vizier Demo";
|
|
#auth_basic_user_file /etc/nginx/.htpasswd;
|
|
|
|
location / {
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Frame-Options SAMEORIGIN;
|
|
|
|
proxy_pass http://vizier;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
server_name api.vizier.app;
|
|
|
|
# For Lets Encrypt, this needs to be served via HTTP
|
|
location ^~ /.well-known/acme-challenge {
|
|
allow all;
|
|
alias /var/www/acme;
|
|
}
|
|
|
|
location / {
|
|
return 301 https://api.vizier.app$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name api.vizier.app;
|
|
|
|
server_tokens off;
|
|
|
|
ssl on;
|
|
ssl_certificate /etc/ssl/acme/api.vizier.app/fullchain.pem;
|
|
ssl_certificate_key /etc/ssl/acme/private/api.vizier.app/privkey.pem;
|
|
|
|
location / {
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Frame-Options SAMEORIGIN;
|
|
|
|
proxy_pass http://vizierapi;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
}
|
|
|
|
|
|
server {
|
|
listen 80;
|
|
server_name spark.vizier.app;
|
|
|
|
# For Lets Encrypt, this needs to be served via HTTP
|
|
location ^~ /.well-known/acme-challenge {
|
|
allow all;
|
|
alias /var/www/acme;
|
|
}
|
|
|
|
location / {
|
|
return 301 https://spark.vizier.app$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name spark.vizier.app;
|
|
|
|
server_tokens off;
|
|
|
|
ssl on;
|
|
ssl_certificate /etc/ssl/acme/spark.vizier.app/fullchain.pem;
|
|
ssl_certificate_key /etc/ssl/acme/private/spark.vizier.app/privkey.pem;
|
|
|
|
#auth_basic "Vizier Demo";
|
|
#auth_basic_user_file /etc/nginx/.htpasswd;
|
|
|
|
location / {
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Frame-Options SAMEORIGIN;
|
|
|
|
proxy_pass http://sparkmaster;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
}
|
|
|
|
|
|
server {
|
|
listen 80;
|
|
server_name hdfs.vizier.app;
|
|
|
|
# For Lets Encrypt, this needs to be served via HTTP
|
|
location ^~ /.well-known/acme-challenge {
|
|
allow all;
|
|
alias /var/www/acme;
|
|
}
|
|
|
|
location / {
|
|
return 301 https://hdfs.vizier.app$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name hdfs.vizier.app;
|
|
|
|
server_tokens off;
|
|
|
|
ssl on;
|
|
ssl_certificate /etc/ssl/acme/hdfs.vizier.app/fullchain.pem;
|
|
ssl_certificate_key /etc/ssl/acme/private/hdfs.vizier.app/privkey.pem;
|
|
|
|
#auth_basic "Vizier Demo";
|
|
#auth_basic_user_file /etc/nginx/.htpasswd;
|
|
|
|
location / {
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Frame-Options SAMEORIGIN;
|
|
|
|
proxy_pass http://sparkhdfs;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
}
|
|
|
|
|
|
server {
|
|
listen 80;
|
|
server_name analytics.vizier.app;
|
|
|
|
# For Lets Encrypt, this needs to be served via HTTP
|
|
location ^~ /.well-known/acme-challenge {
|
|
allow all;
|
|
alias /var/www/acme;
|
|
}
|
|
|
|
location / {
|
|
return 301 https://analytics.vizier.app$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name analytics.vizier.app;
|
|
|
|
server_tokens off;
|
|
|
|
ssl on;
|
|
ssl_certificate /etc/ssl/acme/analytics.vizier.app/fullchain.pem;
|
|
ssl_certificate_key /etc/ssl/acme/private/analytics.vizier.app/privkey.pem;
|
|
|
|
#auth_basic "Vizier Demo";
|
|
#auth_basic_user_file /etc/nginx/.htpasswd;
|
|
|
|
location / {
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Frame-Options SAMEORIGIN;
|
|
|
|
proxy_pass http://vizier-analytics;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
} |