| #/* |
| # * Copyright (c) 2016 IBM. All rights reserved. |
| # * |
| # * Permission is hereby granted, free of charge, to any person obtaining a |
| # * copy of this software and associated documentation files (the "Software"), |
| # * to deal in the Software without restriction, including without limitation |
| # * the rights to use, copy, modify, merge, publish, distribute, sublicense, |
| # * and/or sell copies of the Software, and to permit persons to whom the |
| # * Software is furnished to do so, subject to the following conditions: |
| # * |
| # * The above copyright notice and this permission notice shall be included in |
| # * all copies or substantial portions of the Software. |
| # * |
| # * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
| # * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
| # * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
| # * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
| # * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING |
| # * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER |
| # * DEALINGS IN THE SOFTWARE. |
| # * |
| # */ |
| |
| server { |
| listen 8080 default_server; |
| |
| server_tokens off; |
| |
| #turn off the uninitialized_variable_warn ,as it writes to error_log , hence io |
| uninitialized_variable_warn off; |
| |
| # block ips of embargoed countries |
| if ( $blacklist ) { |
| return 403; |
| } |
| |
| include /etc/api-gateway/conf.d/commons/common-headers.conf; |
| include /etc/api-gateway/conf.d/includes/resolvers.conf; |
| |
| # Log locations with service name |
| access_log /var/log/api-gateway/access.log platform; |
| error_log /var/log/api-gateway/gateway_error.log debug; |
| |
| # include environment variable |
| |
| error_page 500 501 502 503 504 /50x.html; |
| |
| location /50x.html { |
| more_set_headers 'Content-Type: application/json'; |
| more_set_headers 'X-Request-Id: $requestId'; |
| more_set_headers 'X-Gateway-Host: $gateway_host'; |
| return 500 '{"code":$status, "message":"Oops. Something went wrong. Check your URI and try again."}\n'; |
| } |
| |
| location = /api { |
| content_by_lua ' |
| ngx.say("You have hit the api gateway managed endpoints.") |
| '; |
| } |
| |
| location ~ ^/api/([a-zA-Z0-9\-]+)/([a-zA-Z0-9\-\/\-\_\{\}]+)(\\b) { |
| set $upstream https://172.17.0.1; |
| set $tenant $1; |
| set $backendUrl ''; |
| set $gatewayPath $2; |
| add_header Access-Control-Allow-Methods 'GET, POST, PUT, DELETE, PATCH, HEAD, OPTIONS'; |
| access_by_lua_block { |
| local routing = require "routing" |
| routing.processCall() |
| } |
| proxy_pass $upstream; |
| } |
| |
| location = /health { |
| proxy_pass http://0.0.0.0:9000/v1/health-check; |
| } |
| } |
| |
| |
| # example of hello-world service protected with API KEY |
| #server { |
| # listen 80; |
| # |
| # server_name ~hello-world.api.(?<domain>.+); |
| # |
| # server_tokens off; |
| # |
| # #turn off the uninitialized_variable_warn ,as it writes to error_log , hence io |
| # uninitialized_variable_warn off; |
| # |
| # # block ips of embargoed countries |
| # if ( $blacklist ) { |
| # return 403; |
| # } |
| # |
| # include /etc/api-gateway/conf.d/commons/common-headers.conf; |
| # include /etc/api-gateway/conf.d/includes/resolvers.conf; |
| # include /etc/api-gateway/conf.d/includes/default_validators.conf; |
| # |
| # # Log locations with service name |
| # access_log /var/log/api-gateway/access.log platform; |
| # error_log /var/log/api-gateway/marathon_error.log debug; |
| # |
| # # include environment variables |
| # include /etc/api-gateway/environment.conf.d/api-gateway-env-vars.server.conf; |
| # |
| # error_page 500 501 502 503 504 /50x.html; |
| # |
| # location /50x.html { |
| # more_set_headers 'Content-Type: application/json'; |
| # more_set_headers 'X-Request-Id: $requestId'; |
| # return 500 '{"code":$status, "message":"Oops. Something went wrong. Check your URI and try again."}\n'; |
| # } |
| # |
| # set $marathon_app_name hello-world; |
| # |
| # location ~.*\.(png|jpg|jpeg|js)$ { |
| # proxy_pass http://$marathon_app_name$request_uri; |
| # } |
| # |
| # location / { |
| # # ---------------------------------- |
| # # add X-Request-Id header |
| # # ---------------------------------- |
| # set $requestId $http_x_request_id; |
| # set_secure_random_alphanum $requestId_random 32; |
| # set_if_empty $requestId $requestId_random; |
| # # add_header X-Request-Id $requestId; |
| # proxy_set_header X-Request-Id $requestId; |
| # |
| # proxy_connect_timeout 10s; # timeout for establishing a connection with a proxied server |
| # |
| # proxy_read_timeout 10s; # Defines a timeout for reading a response from the proxied server. |
| # # The timeout is set only between two successive read operations, |
| # # not for the transmission of the whole response. |
| # |
| # proxy_send_timeout 10s; # Sets a timeout for transmitting a request to the proxied server. |
| # # The timeout is set only between two successive write operations, |
| # # not for the transmission of the whole request. |
| # keepalive_timeout 10s; # timeout during which a keep-alive client connection will stay open on the server side |
| # proxy_buffering off; # enables or disables buffering of responses from the proxied server. |
| # proxy_http_version 1.1; # Version 1.1 is recommended for use with keepalive connections. |
| # proxy_set_header Connection ""; |
| # |
| # # identify the service |
| # set $service_id $marathon_app_name; |
| # |
| # # identify the api key |
| # # either from the query params or from the "X-Api-Key" header |
| # set $api_key $arg_api_key; |
| # set_if_empty $api_key $http_x_api_key; |
| # |
| # # add the api-key validator |
| # set $validate_api_key on; |
| # |
| # #validate request |
| # access_by_lua "ngx.apiGateway.validation.validateRequest()"; |
| # |
| # proxy_pass http://$marathon_app_name$request_uri; |
| # |
| # # capture usage data |
| # log_by_lua ' |
| # if ( ngx.apiGateway.metrics ~= nil ) then |
| # ngx.apiGateway.metrics.captureUsageData() |
| # end |
| # '; |
| # } |
| #} |