Cian-H/am-d-model.eu
1
0
Fork 0
mirror of https://github.com/Cian-H/am-d-model.eu.git synced 2025-12-23 05:51:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

Updated caddyfile and attempted to modify nginx by injecting .conf files

Browse Source
This commit is contained in:
Cian Hughes
2025-02-07 10:05:21 +00:00
committed by EC2 Default User
parent 3019f45c29
commit adf2e36e02
4 changed files with 62 additions and 96 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
caddy/Caddyfile
View File

@@ -1,4 +1,4 @@
import repo.caddyfile { {
admin off admin off
debug debug
log { log {
@@ -6,35 +6,19 @@ import repo.caddyfile {
} }
} }
(site) {
@landing {
path / /contact* /about* /favicon.png
}
handle /_app/* {
reverse_proxy site:3000
}
handle @landing {
reverse_proxy site:3000 {
health_uri /health
health_interval 30s
health_timeout 10s
health_status 200
}
}
handle /repo* {
uri strip_prefix /repo
import repo_site
}
}
:80 {
import site
}
http://am-d-model.eu {
import site
}
am-d-model.eu { am-d-model.eu {
import site reverse_proxy site:3000 {
health_uri /health
health_interval 30s
health_timeout 10s
health_status 200
}
}
invenio.am-d-model.eu {
reverse_proxy invenio.am-d-model.eu:8080 {
header_up Host {host}
header_up X-Real-IP {remote_host}
header_up X-Forwarded-Proto "https"
}
} }

25
caddy/internal_server.conf Normal file
View File

@@ -0,0 +1,25 @@
server {
listen 8080;
server_name invenio.am-d-model.eu;
# Disable SSL - this is an internal connection
ssl off;
location / {
include uwsgi_params;
uwsgi_pass ui_server;
uwsgi_param Host $http_host;
uwsgi_param X-Real-IP $http_x_real_ip;
uwsgi_param X-Forwarded-For $http_x_forwarded_for;
uwsgi_param X-Forwarded-Proto $http_x_forwarded_proto;
}
location /api {
include uwsgi_params;
uwsgi_pass api_server;
uwsgi_param Host $http_host;
uwsgi_param X-Real-IP $http_x_real_ip;
uwsgi_param X-Forwarded-For $http_x_forwarded_for;
uwsgi_param X-Forwarded-Proto $http_x_forwarded_proto;
}
}

22
caddy/proxy_settings.conf Normal file
View File

@@ -0,0 +1,22 @@
server {
listen 8080;
server_name invenio.am-d-model.eu;
location / {
include uwsgi_params;
uwsgi_pass ui_server;
uwsgi_param Host $http_host;
uwsgi_param X-Real-IP $http_x_real_ip;
uwsgi_param X-Forwarded-For $http_x_forwarded_for;
uwsgi_param X-Forwarded-Proto $http_x_forwarded_proto;
}
location /api {
include uwsgi_params;
uwsgi_pass api_server;
uwsgi_param Host $http_host;
uwsgi_param X-Real-IP $http_x_real_ip;
uwsgi_param X-Forwarded-For $http_x_forwarded_for;
uwsgi_param X-Forwarded-Proto $http_x_forwarded_proto;
}
}

65
caddy/repo.caddyfile
View File

@@ -1,65 +0,0 @@
(repo_cors) {
header {
Access-Control-Allow-Origin *
Access-Control-Allow-Methods "GET, POST, PUT, PATCH, DELETE, OPTIONS"
Access-Control-Allow-Headers "*"
Access-Control-Allow-Credentials true
Strict-Transport-Security "max-age=15768000"
# Request ID tracing
+X-Request-ID {uuid}
}
}
(repo_common_proxy) {
# Set headers similar to uwsgi_param
header_up Host {host}
header_up X-Request-ID {uuid}
# Remove sensitive headers
header_down -X-Session-ID
header_down -X-User-ID
}
(repo_site) {
import repo_cors
# UI Server routes
handle / {
request_body {
max_size 100MB
}
reverse_proxy repo-web-ui:5000 {
import repo_common_proxy
}
}
# API routes
handle /api/* {
request_body {
max_size 100MB
}
reverse_proxy repo-web-api:5000 {
import repo_common_proxy
}
}
# Large file upload API routes
handle_path /api/records/*/draft/files/*/content {
request_body {
max_size 250GB
}
encode gzip
reverse_proxy repo-web-api:5000 {
import repo_common_proxy
}
}
handle /static/* {
root * /opt/invenio/var/instance/static
file_server
}
handle /robots.txt {
root * /opt/invenio/var/instance/static
file_server
}
}