402 lines
9.8 KiB
Plaintext
402 lines
9.8 KiB
Plaintext
upstream vizier-supervisor {
|
|
server vizier-api:9001;
|
|
}
|
|
|
|
upstream mimir-supervisor {
|
|
server vizier-mimir:9001;
|
|
}
|
|
|
|
upstream proxy-supervisor {
|
|
server 127.0.0.1:9001;
|
|
}
|
|
|
|
upstream vizier {
|
|
server vizier-ui:80;
|
|
}
|
|
|
|
upstream vizierapi {
|
|
server vizier-api:80;
|
|
}
|
|
|
|
upstream sparkmaster {
|
|
server namenode:8080;
|
|
}
|
|
|
|
upstream sparkhdfs {
|
|
server namenode:50070;
|
|
}
|
|
|
|
upstream vizier-analytics {
|
|
server vizier-analytics:80;
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
server_name vizier.vizier.app;
|
|
|
|
# For Lets Encrypt, this needs to be served via HTTP
|
|
location ^~ /.well-known/acme-challenge {
|
|
allow all;
|
|
alias /var/www/acme;
|
|
}
|
|
|
|
location / {
|
|
return 301 https://vizier.vizier.app$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name vizier.vizier.app;
|
|
|
|
server_tokens off;
|
|
|
|
ssl on;
|
|
ssl_certificate /etc/ssl/acme/vizier.vizier.app/fullchain.pem;
|
|
ssl_certificate_key /etc/ssl/acme/private/vizier.vizier.app/privkey.pem;
|
|
|
|
#auth_basic "Vizier Demo";
|
|
#auth_basic_user_file /etc/nginx/.htpasswd;
|
|
|
|
location / {
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Frame-Options SAMEORIGIN;
|
|
|
|
proxy_pass http://vizier-supervisor;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
server_name mimir.vizier.app;
|
|
|
|
# For Lets Encrypt, this needs to be served via HTTP
|
|
location ^~ /.well-known/acme-challenge {
|
|
allow all;
|
|
alias /var/www/acme;
|
|
}
|
|
|
|
location / {
|
|
return 301 https://mimir.vizier.app$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name mimir.vizier.app;
|
|
|
|
server_tokens off;
|
|
|
|
ssl on;
|
|
ssl_certificate /etc/ssl/acme/mimir.vizier.app/fullchain.pem;
|
|
ssl_certificate_key /etc/ssl/acme/private/mimir.vizier.app/privkey.pem;
|
|
|
|
#auth_basic "Vizier Demo";
|
|
#auth_basic_user_file /etc/nginx/.htpasswd;
|
|
|
|
location / {
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Frame-Options SAMEORIGIN;
|
|
|
|
proxy_pass http://mimir-supervisor;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
server_name proxy.vizier.app;
|
|
|
|
# For Lets Encrypt, this needs to be served via HTTP
|
|
location ^~ /.well-known/acme-challenge {
|
|
allow all;
|
|
alias /var/www/acme;
|
|
}
|
|
|
|
location / {
|
|
return 301 https://proxy.vizier.app$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name proxy.vizier.app;
|
|
|
|
server_tokens off;
|
|
|
|
ssl on;
|
|
ssl_certificate /etc/ssl/acme/proxy.vizier.app/fullchain.pem;
|
|
ssl_certificate_key /etc/ssl/acme/private/proxy.vizier.app/privkey.pem;
|
|
|
|
#auth_basic "Vizier Demo";
|
|
#auth_basic_user_file /etc/nginx/.htpasswd;
|
|
|
|
location / {
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Frame-Options SAMEORIGIN;
|
|
|
|
proxy_pass http://proxy-supervisor;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
}
|
|
|
|
|
|
server {
|
|
listen 80;
|
|
server_name demo.vizier.app;
|
|
|
|
# For Lets Encrypt, this needs to be served via HTTP
|
|
location ^~ /.well-known/acme-challenge {
|
|
allow all;
|
|
alias /var/www/acme;
|
|
}
|
|
|
|
location / {
|
|
return 301 https://demo.vizier.app$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name demo.vizier.app;
|
|
|
|
server_tokens off;
|
|
|
|
ssl on;
|
|
ssl_certificate /etc/ssl/acme/demo.vizier.app/fullchain.pem;
|
|
ssl_certificate_key /etc/ssl/acme/private/demo.vizier.app/privkey.pem;
|
|
|
|
#auth_basic "Vizier Demo";
|
|
#auth_basic_user_file /etc/nginx/.htpasswd;
|
|
|
|
location / {
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Frame-Options SAMEORIGIN;
|
|
|
|
proxy_pass http://vizier;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
|
|
location /api/ {
|
|
auth_basic "Vizier Demo";
|
|
auth_basic_user_file /etc/nginx/.htpasswd;
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Frame-Options SAMEORIGIN;
|
|
|
|
proxy_pass http://vizierapi/;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 80;
|
|
server_name api.vizier.app;
|
|
|
|
# For Lets Encrypt, this needs to be served via HTTP
|
|
location ^~ /.well-known/acme-challenge {
|
|
allow all;
|
|
alias /var/www/acme;
|
|
}
|
|
|
|
location / {
|
|
return 301 https://api.vizier.app$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name api.vizier.app;
|
|
|
|
server_tokens off;
|
|
|
|
ssl on;
|
|
ssl_certificate /etc/ssl/acme/api.vizier.app/fullchain.pem;
|
|
ssl_certificate_key /etc/ssl/acme/private/api.vizier.app/privkey.pem;
|
|
|
|
location / {
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Frame-Options SAMEORIGIN;
|
|
|
|
proxy_pass http://vizierapi;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
}
|
|
|
|
|
|
server {
|
|
listen 80;
|
|
server_name spark.vizier.app;
|
|
|
|
# For Lets Encrypt, this needs to be served via HTTP
|
|
location ^~ /.well-known/acme-challenge {
|
|
allow all;
|
|
alias /var/www/acme;
|
|
}
|
|
|
|
location / {
|
|
return 301 https://spark.vizier.app$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name spark.vizier.app;
|
|
|
|
server_tokens off;
|
|
|
|
ssl on;
|
|
ssl_certificate /etc/ssl/acme/spark.vizier.app/fullchain.pem;
|
|
ssl_certificate_key /etc/ssl/acme/private/spark.vizier.app/privkey.pem;
|
|
|
|
#auth_basic "Vizier Demo";
|
|
#auth_basic_user_file /etc/nginx/.htpasswd;
|
|
|
|
location / {
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Frame-Options SAMEORIGIN;
|
|
|
|
proxy_pass http://sparkmaster;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
}
|
|
|
|
|
|
server {
|
|
listen 80;
|
|
server_name hdfs.vizier.app;
|
|
|
|
# For Lets Encrypt, this needs to be served via HTTP
|
|
location ^~ /.well-known/acme-challenge {
|
|
allow all;
|
|
alias /var/www/acme;
|
|
}
|
|
|
|
location / {
|
|
return 301 https://hdfs.vizier.app$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name hdfs.vizier.app;
|
|
|
|
server_tokens off;
|
|
|
|
ssl on;
|
|
ssl_certificate /etc/ssl/acme/hdfs.vizier.app/fullchain.pem;
|
|
ssl_certificate_key /etc/ssl/acme/private/hdfs.vizier.app/privkey.pem;
|
|
|
|
#auth_basic "Vizier Demo";
|
|
#auth_basic_user_file /etc/nginx/.htpasswd;
|
|
|
|
location / {
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Frame-Options SAMEORIGIN;
|
|
|
|
proxy_pass http://sparkhdfs;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
}
|
|
|
|
|
|
server {
|
|
listen 80;
|
|
server_name analytics.vizier.app;
|
|
|
|
# For Lets Encrypt, this needs to be served via HTTP
|
|
location ^~ /.well-known/acme-challenge {
|
|
allow all;
|
|
alias /var/www/acme;
|
|
}
|
|
|
|
location / {
|
|
return 301 https://analytics.vizier.app$request_uri;
|
|
}
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name analytics.vizier.app;
|
|
|
|
server_tokens off;
|
|
|
|
ssl on;
|
|
ssl_certificate /etc/ssl/acme/analytics.vizier.app/fullchain.pem;
|
|
ssl_certificate_key /etc/ssl/acme/private/analytics.vizier.app/privkey.pem;
|
|
|
|
#auth_basic "Vizier Demo";
|
|
#auth_basic_user_file /etc/nginx/.htpasswd;
|
|
|
|
location / {
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Frame-Options SAMEORIGIN;
|
|
|
|
proxy_pass http://vizier-analytics;
|
|
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection $connection_upgrade;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
}
|
|
}
|