Initial config

This commit is contained in:
Fabio Sinibaldi 2025-03-05 15:08:11 +01:00
parent 1301465f2b
commit cc4e145921
4 changed files with 138 additions and 0 deletions

View File

@ -0,0 +1,9 @@
## First Level NGINX
This config allows for a default first level proxy to be put between FW and the other clusters
### Single Node
A multiple NGINX instances proxied by a single one
### Swarmed
4 Replicas

View File

@ -0,0 +1,94 @@
# Main context (this is the global configuration)
worker_processes 4;
events {
worker_connections 1024;
}
http {
include mime.types;
# Upstream block to define the Node.js backend servers
# Servers name come from compose definition
upstream swarm1_cluster {
server swarm1w1.sselab.ddns.net;
server swarm1w2.sselab.ddns.net;
server swarm1w3.sselab.ddns.net;
server swarm1w4.sselab.ddns.net;
}
#TODO manage certs
# server {
# listen 443 ssl; # Listen on port 443 for HTTPS
# server_name localhost;
# # SSL certificate settings
# ssl_certificate /Users/nana/nginx-certs/nginx-selfsigned.crt;
# ssl_certificate_key /Users/nana/nginx-certs/nginx-selfsigned.key;
# # Proxying requests to Node.js cluster
# location / {
# proxy_pass http://nodejs_cluster;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# }
# }
# Optional server block for HTTP to HTTPS redirection
server {
listen 80; # Listen on port 80 for HTTP
server_name *.sw1.sselab.ddns.net;
location / {
# Redirect all HTTP traffic to HTTPS
# TODO requires https
# return 301 https://$host$request_uri;
proxy_pass http://nodejs_cluster;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 80;
server_name *.sw1.hassallab.it;
location / {
# Redirect all HTTP traffic to HTTPS
# TODO requires https
# return 301 https://$host$request_uri;
proxy_pass http://nodejs_cluster;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
#Default Catch-all serving
server {
listen 80 default_server;
server_name _;
root /var/www/default;
location /{
try_files $uri /$uri /index.php;
}
}
}

View File

@ -0,0 +1,9 @@
version: '3.7'
services:
# --- NGINX ---
nginx:
image: nginx:latest
ports:
- '80:80'
- '443:443'

View File

@ -0,0 +1,26 @@
version: '3.7'
services:
# --- NGINX ---
nginx:
image: nginx:latest
ports:
- '80:80'
- '443:443'
deploy:
replicas: 4
update_config:
parallelism: 2
order: start-first
failure_action: rollback
delay: 10s
rollback_config:
parallelism: 0
order: stop-first
restart_policy:
condition: any
delay: 5s
max_attempts: 3
window: 120s
healthcheck:
test: ["CMD", "service", "nginx", "status"]