skynet-webportal/docker/nginx/nginx.conf

# nginx.conf  --  docker-openresty
#
# This file is installed to:
#   `/usr/local/openresty/nginx/conf/nginx.conf`
# and is the file loaded by nginx at startup,
# unless the user specifies otherwise.
#
# It tracks the upstream OpenResty's `nginx.conf`, but removes the `server`
# section and adds this directive:
#     `include /etc/nginx/conf.d/*.conf;`
#
# The `docker-openresty` file `nginx.vh.default.conf` is copied to
# `/etc/nginx/conf.d/default.conf`.  It contains the `server section
# of the upstream `nginx.conf`.
#
# See https://github.com/openresty/docker-openresty/blob/master/README.md#nginx-config-files
#

user  root;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;

env SKYNET_PORTAL_API; # declare env variable to use it in config
env ACCOUNTS_ENABLED; # declare env variable to use it in config

events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
        '$status $body_bytes_sent "$http_referer" '
        '"$http_user_agent" $upstream_response_time '
        '$upstream_bytes_sent $upstream_bytes_received '
        '"$upstream_http_content_type" "$upstream_cache_status" '
        '"$portal_domain" "$upstream_http_skynet_skylink" '
        '$upstream_connect_time $upstream_header_time '
        '$request_time "$hns_domain"';

    access_log  logs/access.log  main;

    # See Move default writable paths to a dedicated directory (#119)
    # https://github.com/openresty/docker-openresty/issues/119
    client_body_temp_path /var/run/openresty/nginx-client-body;
    proxy_temp_path       /var/run/openresty/nginx-proxy;
    fastcgi_temp_path     /var/run/openresty/nginx-fastcgi;
    uwsgi_temp_path       /var/run/openresty/nginx-uwsgi;
    scgi_temp_path        /var/run/openresty/nginx-scgi;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    # include skynet-portal-api header on every request
    header_filter_by_lua 'ngx.header["Skynet-Portal-Api"] = os.getenv("SKYNET_PORTAL_API")';

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/conf.extra.d/*.conf;
}
set user root for nginx 2020-07-30 12:57:34 +00:00			`# nginx.conf -- docker-openresty`
			`#`
			`# This file is installed to:`
			# `/usr/local/openresty/nginx/conf/nginx.conf`
			`# and is the file loaded by nginx at startup,`
			`# unless the user specifies otherwise.`
			`#`
			# It tracks the upstream OpenResty's `nginx.conf`, but removes the `server`
			`# section and adds this directive:`
			# `include /etc/nginx/conf.d/*.conf;`
			`#`
			# The `docker-openresty` file `nginx.vh.default.conf` is copied to
			# `/etc/nginx/conf.d/default.conf`. It contains the `server section
			# of the upstream `nginx.conf`.
			`#`
			`# See https://github.com/openresty/docker-openresty/blob/master/README.md#nginx-config-files`
			`#`

			`user root;`
			`worker_processes 1;`

			`#error_log logs/error.log;`
			`#error_log logs/error.log notice;`
			`#error_log logs/error.log info;`

			`#pid logs/nginx.pid;`

add skynet-portal-api header 2021-02-18 09:10:04 +00:00			`env SKYNET_PORTAL_API; # declare env variable to use it in config`
Accounts (#554) * stripe env * stripe env * stripe env * allow post * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * favicon * foo * foo * foo * foo * foo * foo * title * fix dashboard timestamp * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * prices * Revert "prices" This reverts commit 7071ed4ef4641bc7a7247f2b56ba1159c9606112. * Make sure we don't accidentally commit `kratos.yml`. * Add Oathkeeper access rules for Stripe. * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * Add `max_breaches` to Kratos's sample config file. * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * cache .next folder * Use own fork of Kratos's `master` in order to get the fix for the migrations issue. * Don't retry running Kratos migrations. * payments * restart: no * no * no * no * no * no * no * no * no * no * payments * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * limits * limits * nginx depends on accounts and kratos-migrate depends on cockroach. * upload limit rate * upload limit rate - 2 * upload limit rate - 3 * upload limit rate - 4 * upload limit rate - 5 * upload limit rate - 6 * upload limit rate - 7 * upload limit rate - 8 * upload limit rate - 9 * forgotten password link * use header for skylink * use header for skylink * use header for skylink * use header for skylink * use header for skylink * use header for skylink * use header for skylink * use header for skylink * copy to clipboard * fix ratelimit issue * Allow access to the stripe webhook. * enable allow_promotion_codes * Allow POST on webhook. * Add all env vars accounts need to docker-compose. * Don't use custom port for accounts. * print recovery * recovery sign up link * refactor cors header response * refactor cors header response * do not log unauthorized * fix registration link * settings logging * update node and tailwindcss * move webapp from volume * host 0.0.0.0 * refactor dockerfile * enable accounts * cache public * uncache public * remove cache control * no-cache * no cache * Do not use the person's name for registration. * add verify route * add verify route * add verify route * Go back to using the stock kratos image. * add verify route * fix settings link * clean up verify flow * refactor Dockerfile * Remove first and last name from used traits. * Remove account verification via email. * Allow additional properties. * Cookies and tokens last for 30 days now. * Rename secure.siasky.net to account.siasky.net. * redirect secure to account Co-authored-by: Ivaylo Novakov <inovakov@gmail.com> Co-authored-by: Ivaylo Novakov <ro-tex@users.noreply.github.com> 2021-04-01 13:15:37 +00:00			`env ACCOUNTS_ENABLED; # declare env variable to use it in config`
set user root for nginx 2020-07-30 12:57:34 +00:00
			`events {`
			`worker_connections 1024;`
			`}`


			`http {`
			`include mime.types;`
			`default_type application/octet-stream;`

Nginx Log Format (#356) * add filebeat * nginx.conf access.log * nginx.conf access.log * fix filebeat * add upstream data to access log * Update nginx.conf * Add content type header to access_log format * Add quotes * logs with wildcard to include gzipped ones * Remove filebeat config Co-authored-by: PJ <peterjan.brone@gmail.com> 2020-09-09 08:17:12 +00:00			`log_format main '$remote_addr - $remote_user [$time_local] "$request" '`
			`'$status $body_bytes_sent "$http_referer" '`
			`'"$http_user_agent" $upstream_response_time '`
			`'$upstream_bytes_sent $upstream_bytes_received '`
Add portal domain to log format 2020-10-09 14:35:34 +00:00			`'"$upstream_http_content_type" "$upstream_cache_status" '`
add new nginx metrics to measure performance 2021-01-13 14:13:34 +00:00			`'"$portal_domain" "$upstream_http_skynet_skylink" '`
add hns_domain and remove named variables 2021-01-13 16:49:24 +00:00			`'$upstream_connect_time $upstream_header_time '`
			`'$request_time "$hns_domain"';`
set user root for nginx 2020-07-30 12:57:34 +00:00
Nginx Log Format (#356) * add filebeat * nginx.conf access.log * nginx.conf access.log * fix filebeat * add upstream data to access log * Update nginx.conf * Add content type header to access_log format * Add quotes * logs with wildcard to include gzipped ones * Remove filebeat config Co-authored-by: PJ <peterjan.brone@gmail.com> 2020-09-09 08:17:12 +00:00			`access_log logs/access.log main;`
set user root for nginx 2020-07-30 12:57:34 +00:00
			`# See Move default writable paths to a dedicated directory (#119)`
			`# https://github.com/openresty/docker-openresty/issues/119`
			`client_body_temp_path /var/run/openresty/nginx-client-body;`
			`proxy_temp_path /var/run/openresty/nginx-proxy;`
			`fastcgi_temp_path /var/run/openresty/nginx-fastcgi;`
			`uwsgi_temp_path /var/run/openresty/nginx-uwsgi;`
			`scgi_temp_path /var/run/openresty/nginx-scgi;`

			`sendfile on;`
			`#tcp_nopush on;`

			`#keepalive_timeout 0;`
			`keepalive_timeout 65;`

			`#gzip on;`

add skynet-portal-api header 2021-02-18 09:10:04 +00:00			`# include skynet-portal-api header on every request`
			`header_filter_by_lua 'ngx.header["Skynet-Portal-Api"] = os.getenv("SKYNET_PORTAL_API")';`

set user root for nginx 2020-07-30 12:57:34 +00:00			`include /etc/nginx/conf.d/*.conf;`
Accounts (#554) * stripe env * stripe env * stripe env * allow post * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * accounts/** * favicon * foo * foo * foo * foo * foo * foo * title * fix dashboard timestamp * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * prices * Revert "prices" This reverts commit 7071ed4ef4641bc7a7247f2b56ba1159c9606112. * Make sure we don't accidentally commit `kratos.yml`. * Add Oathkeeper access rules for Stripe. * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * Add `max_breaches` to Kratos's sample config file. * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * payments * cache .next folder * Use own fork of Kratos's `master` in order to get the fix for the migrations issue. * Don't retry running Kratos migrations. * payments * restart: no * no * no * no * no * no * no * no * no * no * payments * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * accounts * limits * limits * nginx depends on accounts and kratos-migrate depends on cockroach. * upload limit rate * upload limit rate - 2 * upload limit rate - 3 * upload limit rate - 4 * upload limit rate - 5 * upload limit rate - 6 * upload limit rate - 7 * upload limit rate - 8 * upload limit rate - 9 * forgotten password link * use header for skylink * use header for skylink * use header for skylink * use header for skylink * use header for skylink * use header for skylink * use header for skylink * use header for skylink * copy to clipboard * fix ratelimit issue * Allow access to the stripe webhook. * enable allow_promotion_codes * Allow POST on webhook. * Add all env vars accounts need to docker-compose. * Don't use custom port for accounts. * print recovery * recovery sign up link * refactor cors header response * refactor cors header response * do not log unauthorized * fix registration link * settings logging * update node and tailwindcss * move webapp from volume * host 0.0.0.0 * refactor dockerfile * enable accounts * cache public * uncache public * remove cache control * no-cache * no cache * Do not use the person's name for registration. * add verify route * add verify route * add verify route * Go back to using the stock kratos image. * add verify route * fix settings link * clean up verify flow * refactor Dockerfile * Remove first and last name from used traits. * Remove account verification via email. * Allow additional properties. * Cookies and tokens last for 30 days now. * Rename secure.siasky.net to account.siasky.net. * redirect secure to account Co-authored-by: Ivaylo Novakov <inovakov@gmail.com> Co-authored-by: Ivaylo Novakov <ro-tex@users.noreply.github.com> 2021-04-01 13:15:37 +00:00			`include /etc/nginx/conf.extra.d/*.conf;`
set user root for nginx 2020-07-30 12:57:34 +00:00			`}`