denis
/
uchill
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
uchill/docker/nginx/conf.d/platform.conf

184 lines
6.7 KiB
Plaintext
Raw Blame History

# ==============================================
# Production конфигурация для платформы
# ==============================================
# Редирект HTTP на HTTPS (отключено для dev - нет SSL сертификатов)
# server {
# listen 80;
# server_name _;
#
# # Let's Encrypt challenge
# location /.well-known/acme-challenge/ {
# root /var/www/certbot;
# }
#
# # Редирект на HTTPS
# location / {
# return 301 https://$host$request_uri;
# }
# }
# HTTPS сервер (отключено для dev - нет SSL сертификатов)
# Для включения: создайте сертификаты в /etc/nginx/ssl/ и раскомментируйте
# server {
# listen 443 ssl;
# http2 on;
# server_name _;
#
# # SSL сертификаты (замените на свои)
# ssl_certificate /etc/nginx/ssl/cert.pem;
# ssl_certificate_key /etc/nginx/ssl/key.pem;
#
# # # SSL настройки
# ssl_protocols TLSv1.2 TLSv1.3;
# ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384';
# ssl_prefer_server_ciphers on;
# ssl_session_cache shared:SSL:10m;
# ssl_session_timeout 10m;
# ssl_stapling on;
# ssl_stapling_verify on;
#
# # Безопасность
# add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
# add_header X-Frame-Options "SAMEORIGIN" always;
# add_header X-Content-Type-Options "nosniff" always;
# add_header X-XSS-Protection "1; mode=block" always;
# add_header Referrer-Policy "no-referrer-when-downgrade" always;
#
# # Размер загружаемых файлов
# client_max_body_size 100M;
#
# # Таймауты
# proxy_connect_timeout 60s;
# proxy_send_timeout 60s;
# proxy_read_timeout 60s;
#
# # ==============================================
# # Статические файлы
# # ==============================================
# location /static/ {
# alias /var/www/static/;
# expires 30d;
# add_header Cache-Control "public, immutable";
# access_log off;
# }
#
# location /media/ {
# alias /var/www/media/;
# expires 7d;
# add_header Cache-Control "public";
# access_log off;
# }
#
# # ==============================================
# # API (Backend)
# # ==============================================
# location /api/ {
# limit_req zone=api_limit burst=20 nodelay;
# limit_conn conn_limit 10;
#
# proxy_pass http://backend;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_set_header X-Forwarded-Host $host;
# proxy_set_header X-Forwarded-Port $server_port;
#
# # WebSocket поддержка
# proxy_http_version 1.1;
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection "upgrade";
#
# # Кэширование для GET запросов
# proxy_cache api_cache;
# proxy_cache_valid 200 5m;
# proxy_cache_methods GET HEAD;
# proxy_cache_key "$scheme$request_method$host$request_uri";
# add_header X-Cache-Status $upstream_cache_status;
# }
#
# # Health check без ограничений
# location /health/ {
# proxy_pass http://backend;
# proxy_set_header Host $host;
# access_log off;
# }
#
# # ==============================================
# # WebSocket для уведомлений
# # ==============================================
# location /ws/ {
# proxy_pass http://backend;
# proxy_http_version 1.1;
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection "upgrade";
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
#
# # Таймауты для WebSocket
# proxy_read_timeout 3600s;
# proxy_send_timeout 3600s;
# }
#
# # ==============================================
# # LiveKit - видеоконференции (официальный Go-сервер)
# # Всё проходит через наш сервис
# # ==============================================
# location /livekit {
# proxy_pass http://livekit/;
# proxy_http_version 1.1;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection "upgrade";
# proxy_read_timeout 86400s;
# proxy_send_timeout 86400s;
# }
#
# # ==============================================
# # Whiteboard (Collaborative Whiteboard)
# # ==============================================
# location /whiteboard/ {
# proxy_pass http://whiteboard/;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_set_header X-Forwarded-Host $host;
#
# # WebSocket для whiteboard
# proxy_http_version 1.1;
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection "upgrade";
#
# # Таймауты для WebSocket
# proxy_read_timeout 3600s;
# proxy_send_timeout 3600s;
# }
#
# # ==============================================
# # Frontend (Next.js)
# # ==============================================
# location / {
# limit_req zone=general_limit burst=50 nodelay;
#
# proxy_pass http://frontend;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_set_header X-Forwarded-Host $host;
#
# # WebSocket для Next.js HMR (только в dev)
# proxy_http_version 1.1;
# proxy_set_header Upgrade $http_upgrade;
# proxy_set_header Connection "upgrade";
# }
# }
Reference in New Issue View Git Blame Copy Permalink