VizierDB/docker
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
docker/vizier-nginx-proxy/vizier_k8s.conf

466 lines
12 KiB
Plaintext
Raw Blame History

upstream vizier-supervisor {
server vizier-api:9001;
}
upstream mimir-supervisor {
server vizier-mimir:9001;
}
upstream mimir-driver {
server vizier-mimir:4041;
}
upstream mimir-api {
server vizier-mimir:8089;
}
upstream proxy-supervisor {
server 127.0.0.1:9001;
}
upstream vizier {
server vizier-ui:80;
}
upstream vizierapi {
server vizier-api:80;
}
upstream sparkmaster {
server namenode:8080;
}
upstream sparkhdfs {
server namenode:50070;
}
server {
listen 80;
server_name vizier.vizier.app;
# For Lets Encrypt, this needs to be served via HTTP
location ^~ /.well-known/acme-challenge {
allow all;
alias /var/www/acme;
}
location / {
return 301 https://vizier.vizier.app$request_uri;
}
}
server {
listen 443 ssl;
server_name vizier.vizier.app;
server_tokens off;
ssl on;
ssl_certificate /etc/ssl/acme/vizier.vizier.app/fullchain.pem;
ssl_certificate_key /etc/ssl/acme/private/vizier.vizier.app/privkey.pem;
#auth_basic "Vizier Demo";
#auth_basic_user_file /etc/nginx/.htpasswd;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_pass http://vizier-supervisor;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Real-IP $remote_addr;
}
}
server {
listen 80;
server_name mimir.vizier.app;
# For Lets Encrypt, this needs to be served via HTTP
location ^~ /.well-known/acme-challenge {
allow all;
alias /var/www/acme;
}
location / {
return 301 https://mimir.vizier.app$request_uri;
}
}
server {
listen 443 ssl;
server_name mimir.vizier.app;
server_tokens off;
ssl on;
ssl_certificate /etc/ssl/acme/mimir.vizier.app/fullchain.pem;
ssl_certificate_key /etc/ssl/acme/private/mimir.vizier.app/privkey.pem;
#auth_basic "Vizier Demo";
#auth_basic_user_file /etc/nginx/.htpasswd;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_pass http://mimir-supervisor;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Real-IP $remote_addr;
}
location /api-docs {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_pass http://mimir-api;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Real-IP $remote_addr;
}
}
server {
listen 80;
server_name driver.vizier.app;
# For Lets Encrypt, this needs to be served via HTTP
location ^~ /.well-known/acme-challenge {
allow all;
alias /var/www/acme;
}
location / {
return 301 https://driver.vizier.app$request_uri;
}
}
server {
listen 443 ssl;
server_name driver.vizier.app;
server_tokens off;
ssl on;
ssl_certificate /etc/ssl/acme/mimir.vizier.app/fullchain.pem;
ssl_certificate_key /etc/ssl/acme/private/mimir.vizier.app/privkey.pem;
#auth_basic "Vizier Demo";
#auth_basic_user_file /etc/nginx/.htpasswd;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_pass http://mimir-driver;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Real-IP $remote_addr;
}
}
server {
listen 80;
server_name proxy.vizier.app;
# For Lets Encrypt, this needs to be served via HTTP
location ^~ /.well-known/acme-challenge {
allow all;
alias /var/www/acme;
}
location / {
return 301 https://proxy.vizier.app$request_uri;
}
}
server {
listen 443 ssl;
server_name proxy.vizier.app;
server_tokens off;
ssl on;
ssl_certificate /etc/ssl/acme/proxy.vizier.app/fullchain.pem;
ssl_certificate_key /etc/ssl/acme/private/proxy.vizier.app/privkey.pem;
#auth_basic "Vizier Demo";
#auth_basic_user_file /etc/nginx/.htpasswd;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_pass http://proxy-supervisor;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Real-IP $remote_addr;
}
}
server {
listen 80;
server_name demo.vizier.app;
# For Lets Encrypt, this needs to be served via HTTP
location ^~ /.well-known/acme-challenge {
allow all;
alias /var/www/acme;
}
location / {
return 301 https://demo.vizier.app$request_uri;
}
}
server {
listen 443 ssl;
server_name demo.vizier.app;
server_tokens off;
ssl on;
ssl_certificate /etc/ssl/acme/demo.vizier.app/fullchain.pem;
ssl_certificate_key /etc/ssl/acme/private/demo.vizier.app/privkey.pem;
#auth_basic "Vizier Demo";
#auth_basic_user_file /etc/nginx/.htpasswd;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_pass http://vizier;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Real-IP $remote_addr;
}
location /vizier-db/api/v1/ {
#auth_basic "Vizier API";
#auth_basic_user_file /etc/nginx/.htpasswd_api;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_pass http://vizierapi;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Real-IP $remote_addr;
}
}
server {
listen 80;
server_name api.vizier.app;
# For Lets Encrypt, this needs to be served via HTTP
location ^~ /.well-known/acme-challenge {
allow all;
alias /var/www/acme;
}
location / {
return 301 https://api.vizier.app$request_uri;
}
}
server {
listen 443 ssl;
server_name api.vizier.app;
server_tokens off;
ssl on;
ssl_certificate /etc/ssl/acme/api.vizier.app/fullchain.pem;
ssl_certificate_key /etc/ssl/acme/private/api.vizier.app/privkey.pem;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_pass http://vizierapi;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Real-IP $remote_addr;
}
}
server {
listen 80;
server_name spark.vizier.app;
# For Lets Encrypt, this needs to be served via HTTP
location ^~ /.well-known/acme-challenge {
allow all;
alias /var/www/acme;
}
location / {
return 301 https://spark.vizier.app$request_uri;
}
}
server {
listen 443 ssl;
server_name spark.vizier.app;
server_tokens off;
ssl on;
ssl_certificate /etc/ssl/acme/spark.vizier.app/fullchain.pem;
ssl_certificate_key /etc/ssl/acme/private/spark.vizier.app/privkey.pem;
#auth_basic "Vizier Demo";
#auth_basic_user_file /etc/nginx/.htpasswd;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_pass http://sparkmaster;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Real-IP $remote_addr;
}
}
server {
listen 80;
server_name hdfs.vizier.app;
# For Lets Encrypt, this needs to be served via HTTP
location ^~ /.well-known/acme-challenge {
allow all;
alias /var/www/acme;
}
location / {
return 301 https://hdfs.vizier.app$request_uri;
}
}
server {
listen 443 ssl;
server_name hdfs.vizier.app;
server_tokens off;
ssl on;
ssl_certificate /etc/ssl/acme/hdfs.vizier.app/fullchain.pem;
ssl_certificate_key /etc/ssl/acme/private/hdfs.vizier.app/privkey.pem;
#auth_basic "Vizier Demo";
#auth_basic_user_file /etc/nginx/.htpasswd;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_pass http://sparkhdfs;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Real-IP $remote_addr;
}
}
server {
listen 80;
server_name analytics.vizier.app;
# For Lets Encrypt, this needs to be served via HTTP
location ^~ /.well-known/acme-challenge {
allow all;
alias /var/www/acme;
}
location / {
return 301 https://analytics.vizier.app$request_uri;
}
}
server {
listen 443 ssl;
server_name analytics.vizier.app;
server_tokens off;
ssl on;
ssl_certificate /etc/ssl/acme/analytics.vizier.app/fullchain.pem;
ssl_certificate_key /etc/ssl/acme/private/analytics.vizier.app/privkey.pem;
#auth_basic "Vizier Demo";
#auth_basic_user_file /etc/nginx/.htpasswd;
location / {
set $upstreamanalytics vizier-analytics:80;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_pass http://$upstreamanalytics;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Real-IP $remote_addr;
}
}
Reference in a new issue View git blame Copy permalink