Настройка nginx conf в качестве reverse proxy для облачного офиса — различия между версиями

Текущая версия на 10:48, 9 ноября 2022

Конфигурационный файл nginx web.alteroffice.ru.conf

Config 1:

server {
       server_name web.alteroffice.ru;
       location / {
           proxy_buffering  off;
           proxy_pass         http://192.168.120.204/;
           proxy_redirect     default;
           client_max_body_size                4G;
           proxy_set_header Host $host;
           proxy_set_header X-Real-IP $remote_addr;
           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           proxy_set_header X-Forwarded-Proto $scheme;
       }
   listen 443 ssl; # managed by Certbot
   ssl_certificate /etc/letsencrypt/live/web.alteroffice.ru/fullchain.pem; # managed by Certbot
   ssl_certificate_key /etc/letsencrypt/live/web.alteroffice.ru/privkey.pem; # managed by Certbot
   include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
   ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
   if ($host = web.alteroffice.ru) {
       return 301 https://$host$request_uri;
   } # managed by Certbot

   server_name web.alteroffice.ru;

   listen 80;
   return 404; # managed by Certbot
} 

Config 2:

Конфигурационный файл nginx editors.alteroffice.ru.conf

server {
         server_name editors.alteroffice.ru;
         location / {
             proxy_buffering  off;
             proxy_pass         http://192.168.120.133:9980/;
             proxy_redirect     default;
 	    client_max_body_size                4G;
 	    proxy_set_header Host $host;
             proxy_set_header X-Real-IP $remote_addr;
             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
             proxy_set_header X-Forwarded-Proto $scheme;
         }
 
     # static files
     location ^~ /loleaflet {
proxy_buffering  off;
        proxy_pass http://192.168.120.133:9980;
        proxy_set_header Host $http_host;
    }

    # WOPI discovery URL
    location ^~ /hosting/discovery {
proxy_buffering  off;        
proxy_pass http://192.168.120.133:9980;
        proxy_set_header Host $http_host;
    }

    # Capabilities
    location ^~ /hosting/capabilities {
proxy_buffering  off;        
proxy_pass http://192.168.120.133:9980;
        proxy_set_header Host $http_host;
    }

    # main websocket
    location ~ ^/lool/(.*)/ws$ {
proxy_buffering  off;        
proxy_pass http://192.168.120.133:9980;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $http_host;
        proxy_read_timeout 36000s;
    }

    # download, presentation and image upload
    location ~ ^/lool {
proxy_buffering  off;        
proxy_pass http://192.168.120.133:9980;
        proxy_set_header Host $http_host;
    }

    # Admin Console websocket
    location ^~ /lool/adminws {
proxy_buffering  off;        
proxy_pass http://192.168.120.133:9980;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $http_host;
        proxy_read_timeout 36000s;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/editors.alteroffice.ru/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/editors.alteroffice.ru/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = editors.alteroffice.ru) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

        server_name editors.alteroffice.ru;

    listen 80;
    return 404; # managed by Certbot
}