Настройка nginx conf в качестве reverse proxy для облачного офиса — различия между версиями
Материал из Wiki AlterOS
(→Config 2:) |
|||
(не показаны 4 промежуточные версии этого же участника) | |||
Строка 8: | Строка 8: | ||
proxy_redirect default; | proxy_redirect default; | ||
client_max_body_size 4G; | client_max_body_size 4G; | ||
− | + | proxy_set_header Host $host; | |
proxy_set_header X-Real-IP $remote_addr; | proxy_set_header X-Real-IP $remote_addr; | ||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
Строка 32: | Строка 32: | ||
==== Config 2: ==== | ==== Config 2: ==== | ||
− | + | Конфигурационный файл nginx editors.alteroffice.ru.conf | |
+ | server { | ||
+ | server_name editors.alteroffice.ru; | ||
+ | location / { | ||
+ | proxy_buffering off; | ||
+ | proxy_pass http://192.168.120.133:9980/; | ||
+ | proxy_redirect default; | ||
+ | client_max_body_size 4G; | ||
+ | proxy_set_header Host $host; | ||
+ | proxy_set_header X-Real-IP $remote_addr; | ||
+ | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
+ | proxy_set_header X-Forwarded-Proto $scheme; | ||
+ | } | ||
+ | |||
+ | # static files | ||
+ | location ^~ /loleaflet { | ||
+ | proxy_buffering off; | ||
+ | proxy_pass http://192.168.120.133:9980; | ||
+ | proxy_set_header Host $http_host; | ||
+ | } | ||
+ | |||
+ | # WOPI discovery URL | ||
+ | location ^~ /hosting/discovery { | ||
+ | proxy_buffering off; | ||
+ | proxy_pass http://192.168.120.133:9980; | ||
+ | proxy_set_header Host $http_host; | ||
+ | } | ||
+ | |||
+ | # Capabilities | ||
+ | location ^~ /hosting/capabilities { | ||
+ | proxy_buffering off; | ||
+ | proxy_pass http://192.168.120.133:9980; | ||
+ | proxy_set_header Host $http_host; | ||
+ | } | ||
+ | |||
+ | # main websocket | ||
+ | location ~ ^/lool/(.*)/ws$ { | ||
+ | proxy_buffering off; | ||
+ | proxy_pass http://192.168.120.133:9980; | ||
+ | proxy_set_header Upgrade $http_upgrade; | ||
+ | proxy_set_header Connection "Upgrade"; | ||
+ | proxy_set_header Host $http_host; | ||
+ | proxy_read_timeout 36000s; | ||
+ | } | ||
+ | |||
+ | # download, presentation and image upload | ||
+ | location ~ ^/lool { | ||
+ | proxy_buffering off; | ||
+ | proxy_pass http://192.168.120.133:9980; | ||
+ | proxy_set_header Host $http_host; | ||
+ | } | ||
+ | |||
+ | # Admin Console websocket | ||
+ | location ^~ /lool/adminws { | ||
+ | proxy_buffering off; | ||
+ | proxy_pass http://192.168.120.133:9980; | ||
+ | proxy_set_header Upgrade $http_upgrade; | ||
+ | proxy_set_header Connection "Upgrade"; | ||
+ | proxy_set_header Host $http_host; | ||
+ | proxy_read_timeout 36000s; | ||
+ | } | ||
+ | |||
+ | listen 443 ssl; # managed by Certbot | ||
+ | ssl_certificate /etc/letsencrypt/live/editors.alteroffice.ru/fullchain.pem; # managed by Certbot | ||
+ | ssl_certificate_key /etc/letsencrypt/live/editors.alteroffice.ru/privkey.pem; # managed by Certbot | ||
+ | include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot | ||
+ | ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot | ||
+ | |||
+ | } | ||
+ | server { | ||
+ | if ($host = editors.alteroffice.ru) { | ||
+ | return 301 https://$host$request_uri; | ||
+ | } # managed by Certbot | ||
+ | |||
+ | server_name editors.alteroffice.ru; | ||
+ | |||
+ | listen 80; | ||
+ | return 404; # managed by Certbot | ||
+ | } |
Текущая версия на 10:48, 9 ноября 2022
Конфигурационный файл nginx web.alteroffice.ru.conf
Config 1:
server { server_name web.alteroffice.ru; location / { proxy_buffering off; proxy_pass http://192.168.120.204/; proxy_redirect default; client_max_body_size 4G; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/web.alteroffice.ru/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/web.alteroffice.ru/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = web.alteroffice.ru) { return 301 https://$host$request_uri; } # managed by Certbot server_name web.alteroffice.ru; listen 80; return 404; # managed by Certbot }
Config 2:
Конфигурационный файл nginx editors.alteroffice.ru.conf
server { server_name editors.alteroffice.ru; location / { proxy_buffering off; proxy_pass http://192.168.120.133:9980/; proxy_redirect default; client_max_body_size 4G; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } # static files location ^~ /loleaflet { proxy_buffering off; proxy_pass http://192.168.120.133:9980; proxy_set_header Host $http_host; } # WOPI discovery URL location ^~ /hosting/discovery { proxy_buffering off; proxy_pass http://192.168.120.133:9980; proxy_set_header Host $http_host; } # Capabilities location ^~ /hosting/capabilities { proxy_buffering off; proxy_pass http://192.168.120.133:9980; proxy_set_header Host $http_host; } # main websocket location ~ ^/lool/(.*)/ws$ { proxy_buffering off; proxy_pass http://192.168.120.133:9980; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header Host $http_host; proxy_read_timeout 36000s; } # download, presentation and image upload location ~ ^/lool { proxy_buffering off; proxy_pass http://192.168.120.133:9980; proxy_set_header Host $http_host; } # Admin Console websocket location ^~ /lool/adminws { proxy_buffering off; proxy_pass http://192.168.120.133:9980; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; proxy_set_header Host $http_host; proxy_read_timeout 36000s; } listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/editors.alteroffice.ru/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/editors.alteroffice.ru/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot } server { if ($host = editors.alteroffice.ru) { return 301 https://$host$request_uri; } # managed by Certbot server_name editors.alteroffice.ru; listen 80; return 404; # managed by Certbot }