| #/* |
| # * Copyright (c) 2016 IBM. All rights reserved. |
| # * |
| # * Permission is hereby granted, free of charge, to any person obtaining a |
| # * copy of this software and associated documentation files (the "Software"), |
| # * to deal in the Software without restriction, including without limitation |
| # * the rights to use, copy, modify, merge, publish, distribute, sublicense, |
| # * and/or sell copies of the Software, and to permit persons to whom the |
| # * Software is furnished to do so, subject to the following conditions: |
| # * |
| # * The above copyright notice and this permission notice shall be included in |
| # * all copies or substantial portions of the Software. |
| # * |
| # * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
| # * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
| # * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
| # * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
| # * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING |
| # * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER |
| # * DEALINGS IN THE SOFTWARE. |
| # * |
| # */ |
| |
| server { |
| listen 8080 default_server; |
| |
| server_tokens off; |
| ignore_invalid_headers off; |
| |
| #turn off the uninitialized_variable_warn ,as it writes to error_log , hence io |
| uninitialized_variable_warn off; |
| |
| # block ips of embargoed countries |
| if ( $blacklist ) { |
| return 403; |
| } |
| |
| include /etc/api-gateway/conf.d/commons/common-headers.conf; |
| include /etc/api-gateway/conf.d/includes/resolvers.conf; |
| |
| # Log locations with service name |
| access_log /var/log/api-gateway/access.log platform; |
| error_log /var/log/api-gateway/gateway_error.log debug; |
| |
| # include environment variable |
| |
| error_page 500 501 502 503 504 /50x.html; |
| |
| location /50x.html { |
| more_set_headers 'Content-Type: application/json'; |
| more_set_headers 'X-Request-Id: $requestId'; |
| more_set_headers 'X-Gateway-Host: $gateway_host'; |
| return 500 '{"code":$status, "message":"Oops. Something went wrong. Check your URI and try again."}\n'; |
| } |
| |
| location = /api { |
| content_by_lua ' |
| ngx.say("You have hit the api gateway managed endpoints.") |
| '; |
| } |
| |
| location ~ "^/api/([a-zA-Z0-9\-]+)/([a-zA-Z0-9\-\/\-\_\{\} ]+)(\\b)" { |
| set $upstream https://172.17.0.1; |
| set $tenant $1; |
| set $tenantNamespace ''; |
| set $tenantInstance ''; |
| set $backendUrl ''; |
| set $gatewayPath $2; |
| set $cors ''; |
| set $cors_methods ''; |
| |
| access_by_lua_block { |
| local routing = require "routing" |
| routing.processCall() |
| local cors = require "cors" |
| ngx.var.cors, ngx.var.cors_methods = cors.processCall(ngx.var["tenant"], ngx.var["gatewayPath"]) |
| } |
| |
| proxy_pass $upstream; |
| |
| header_filter_by_lua_block { |
| if ngx.var.cors ~= nil then |
| if ngx.var.cors == 'false' then |
| ngx.header['Access-Control-Allow-Origin'] = nil |
| ngx.header['Access-Control-Allow-Methods'] = nil |
| else |
| ngx.header['Access-Control-Allow-Origin'] = ngx.var.cors |
| if ngx.var.cors_methods ~= nil then |
| ngx.header['Access-Control-Allow-Methods'] = ngx.var.cors_methods |
| else |
| ngx.header['Access-Control-Allow-Methods'] = 'GET, POST, PUT, DELETE, PATCH, HEAD, OPTIONS' |
| end |
| end |
| end |
| } |
| } |
| |
| location = /health { |
| proxy_pass http://0.0.0.0:9000/v1/health-check; |
| } |
| } |
