40 lines
1.1 KiB
Plaintext
40 lines
1.1 KiB
Plaintext
# ==========================================
|
|
# API Gateway — SIT Reverse Proxy
|
|
# ==========================================
|
|
|
|
server {
|
|
listen 80;
|
|
server_name dev-api.svc.plus;
|
|
return 301 https://$host$request_uri;
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl http2;
|
|
server_name dev-api.svc.plus;
|
|
|
|
ssl_certificate /etc/ssl/svc.plus.pem;
|
|
ssl_certificate_key /etc/ssl/svc.plus.key;
|
|
ssl_protocols TLSv1.2 TLSv1.3;
|
|
ssl_ciphers HIGH:!aNULL:!MD5;
|
|
|
|
location / {
|
|
proxy_pass http://api_service;
|
|
proxy_http_version 1.1;
|
|
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Forwarded-Host $host;
|
|
|
|
add_header Access-Control-Allow-Origin $http_origin always;
|
|
add_header Access-Control-Allow-Methods "GET, POST, PUT, PATCH, DELETE, OPTIONS" always;
|
|
add_header Access-Control-Allow-Headers "Authorization, Content-Type, Cookie" always;
|
|
add_header Access-Control-Allow-Credentials "true" always;
|
|
|
|
if ($request_method = OPTIONS) {
|
|
return 204;
|
|
}
|
|
}
|
|
}
|