2020-03-27 17:54:11 +03:00
|
|
|
# Copyright 2020 the .NET Foundation
|
|
|
|
# Licensed under the MIT License
|
2020-03-27 18:36:12 +03:00
|
|
|
#
|
|
|
|
# Useful links:
|
|
|
|
#
|
|
|
|
# https://nginx.org/en/docs/http/ngx_http_core_module.html#variables
|
|
|
|
# https://nginx.org/en/docs/http/ngx_http_map_module.html
|
|
|
|
# https://nginx.org/en/docs/http/ngx_http_rewrite_module.html#rewrite
|
2020-03-27 17:54:11 +03:00
|
|
|
|
|
|
|
user nginx;
|
|
|
|
worker_processes auto;
|
|
|
|
error_log /var/log/nginx/error.log warn;
|
|
|
|
pid /var/run/nginx.pid;
|
|
|
|
|
|
|
|
events {
|
|
|
|
worker_connections 1024;
|
|
|
|
}
|
|
|
|
|
|
|
|
http {
|
|
|
|
include /etc/nginx/mime.types;
|
|
|
|
default_type application/octet-stream;
|
|
|
|
|
|
|
|
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
|
|
|
|
'$status $body_bytes_sent "$http_referer" '
|
|
|
|
'"$http_user_agent" "$http_x_forwarded_for"';
|
|
|
|
access_log /var/log/nginx/access.log main;
|
|
|
|
|
|
|
|
sendfile on;
|
|
|
|
#tcp_nopush on;
|
|
|
|
keepalive_timeout 65;
|
|
|
|
#gzip on;
|
|
|
|
|
2020-03-27 22:38:51 +03:00
|
|
|
map_hash_bucket_size 128;
|
|
|
|
|
2020-03-27 19:44:24 +03:00
|
|
|
map $uri $rw_temp_path {
|
2020-03-27 18:36:12 +03:00
|
|
|
default "none";
|
|
|
|
include /etc/nginx/temporary_redirects.map;
|
|
|
|
}
|
|
|
|
|
2020-03-27 22:38:51 +03:00
|
|
|
map $uri $rw_perm_path {
|
|
|
|
default "none";
|
|
|
|
include /etc/nginx/permanent_redirects.map;
|
|
|
|
}
|
|
|
|
|
2020-03-27 17:54:11 +03:00
|
|
|
server {
|
|
|
|
listen 80;
|
2020-03-27 18:36:12 +03:00
|
|
|
root /usr/share/nginx/html;
|
2020-03-27 17:54:11 +03:00
|
|
|
|
2020-03-27 19:44:24 +03:00
|
|
|
# Set up to redirect properly. See the README for a bit on the motivation
|
|
|
|
# -- we need to handle several combinations to support both local Docker
|
|
|
|
# testing and production deployment behind an SSL terminating gateway.
|
|
|
|
# Note that (1) environment variables are substituted into this file
|
|
|
|
# literally using `envsubst` (see `Dockerfile`) (2) nginx's `if` syntax is
|
|
|
|
# very limited, disallowing nesting and comparison of literals.
|
|
|
|
|
|
|
|
set $pfdn "${PUBLIC_FACING_DOMAIN_NAME}";
|
|
|
|
set $redir_scheme $scheme;
|
|
|
|
|
|
|
|
if ($http_x_forwarded_proto != "") {
|
|
|
|
set $redir_scheme "$http_x_forwarded_proto";
|
|
|
|
}
|
|
|
|
|
|
|
|
set $redir_prefix "$redir_scheme://$http_host";
|
|
|
|
|
|
|
|
if ($pfdn != "") {
|
|
|
|
set $redir_prefix "$redir_scheme://$pfdn";
|
|
|
|
}
|
|
|
|
|
2020-03-27 23:37:48 +03:00
|
|
|
location = / {
|
2020-03-27 18:36:12 +03:00
|
|
|
# We use a cookie named "homepage" to set where visitors to the
|
|
|
|
# / path should be routed. In the ASP.NET server the value of
|
|
|
|
# this cookie is just used as the redirect path, but we tighten
|
|
|
|
# things up to only recognize the special case of "home".
|
|
|
|
if ($cookie_homepage = "home") {
|
2020-03-27 19:44:24 +03:00
|
|
|
rewrite ^ "$redir_prefix/home" redirect;
|
2020-03-27 18:36:12 +03:00
|
|
|
}
|
|
|
|
|
2020-03-27 19:44:24 +03:00
|
|
|
rewrite ^ "$redir_prefix/webclient/" redirect;
|
2020-03-27 18:36:12 +03:00
|
|
|
}
|
|
|
|
|
2020-03-27 22:38:51 +03:00
|
|
|
if ($rw_perm_path ~ "^http") {
|
|
|
|
rewrite ^ "$rw_perm_path" permanent;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ($rw_perm_path != "none") {
|
|
|
|
rewrite ^ "$redir_prefix$rw_perm_path" permanent;
|
|
|
|
}
|
|
|
|
|
2020-03-27 19:44:24 +03:00
|
|
|
if ($rw_temp_path != "none") {
|
|
|
|
rewrite ^ "$redir_prefix$rw_temp_path" redirect;
|
2020-03-27 17:54:11 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
#error_page 404 /404.html;
|
|
|
|
|
|
|
|
# redirect server error pages to the static page /50x.html
|
|
|
|
error_page 500 502 503 504 /50x.html;
|
|
|
|
location = /50x.html {
|
|
|
|
root /usr/share/nginx/html;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|