| {# this template is used to generate a nginx.conf for booting a nginx server based on the given environment inventory #} |
| |
| events { |
| {# default: 1024 #} |
| worker_connections 4096; |
| } |
| |
| http { |
| {# allow large uploads, need to thread proper limit into here #} |
| client_max_body_size 50M; |
| |
| rewrite_log on; |
| {# change log format to display the upstream information #} |
| log_format combined-upstream '$remote_addr - $remote_user [$time_local] ' |
| '$request $status $body_bytes_sent ' |
| '$http_referer $http_user_agent $upstream_addr'; |
| access_log /logs/nginx_access.log combined-upstream; |
| |
| server { |
| listen 443 default ssl; |
| |
| # match namespace, note while OpenWhisk allows a richer character set for a |
| # namespace, not all those characters are permitted in the (sub)domain name; |
| # if namespace does not match, no vanity URL rewriting takes place. |
| server_name ~^(?<namespace>[0-9a-zA-Z-]+)\.{{ whisk_api_localhost_name | default(whisk_api_host_name) | default(whisk_api_localhost_name_default) }}$; |
| |
| ssl_session_cache shared:SSL:1m; |
| ssl_session_timeout 10m; |
| ssl_certificate /etc/nginx/certs/openwhisk-cert.pem; |
| ssl_certificate_key /etc/nginx/certs/openwhisk-key.pem; |
| ssl_verify_client off; |
| ssl_protocols TLSv1 TLSv1.1 TLSv1.2; |
| ssl_ciphers RC4:HIGH:!aNULL:!MD5; |
| ssl_prefer_server_ciphers on; |
| proxy_ssl_session_reuse off; |
| |
| # proxy to the web action path |
| location / { |
| if ($namespace) { |
| rewrite /(.*) /api/v1/web/${namespace}/$1 break; |
| } |
| proxy_pass http://{{ controller_host }}:{{ controller.port }}; |
| proxy_read_timeout 70s; # 60+10 additional seconds to allow controller to terminate request |
| } |
| |
| # proxy to 'public/html' web action by convention |
| location = / { |
| if ($namespace) { |
| rewrite ^ /api/v1/web/${namespace}/public/index.html break; |
| } |
| proxy_pass http://{{ controller_host }}:{{ controller.port }}; |
| proxy_read_timeout 70s; # 60+10 additional seconds to allow controller to terminate request |
| } |
| |
| location /blackbox-0.1.0.tar.gz { |
| root /etc/nginx; |
| } |
| |
| location /OpenWhiskIOSStarterApp.zip { |
| return 301 https://github.com/openwhisk/openwhisk-client-swift/releases/download/0.2.3/starterapp-0.2.3.zip; |
| } |
| |
| location /cli/go/download { |
| autoindex on; |
| root /etc/nginx; |
| } |
| } |
| } |